
Advanced authentication scheme

Posted: Sun Dec 03, 2006 4:10 pm
by TheProgrammer
Hello people,
I've been working with PHP for a long time, many times with quite advanced stuff, but never needed, got the chance or the time to implement a more complex and secure authentication method for a site's private section, for example. What I used until now was something like this (the main idea, not the actual implementation):
- I kept the username and the password in a MySQL database (the password hashed)
- I verified the authentication like this (some parts are not real code, only the idea, but that's what I'm looking for, the main idea)

Code:

$auth = false;

// Placeholders from the original post (not real functions): load the stored username and password hash.
$u = get_user_from_database();
$p = get_password_from_database();

if( isset( $_POST['username']) && isset($_POST['password']) )
{
   if( $u == htmlentities(trim($_POST['username'])) && $p == MD5(MD5(MD5(htmlentities(trim($_POST['password'])))))) // corrected; was incorrectly written as MD5(MD5(MD5(htmlentities(trim($_POST['username']))))) before
   {
     $auth = true;
     $_SESSION['mysite_username'] = $u;
     $_SESSION['mysite_password'] = $p;
   }
}
else if( isset( $_SESSION['mysite_username']) && isset($_SESSION['mysite_password']) )
{
   // Compare the session copy of the password hash against the password field (the original compared it to the username field).
   if( $u == $_SESSION['mysite_username'] && $p == $_SESSION['mysite_password'] )
       $auth = true;
}

if($auth)
{
   //the page content
}
Well, I know it's quite primitive, and the fact that I save the password in the session (even hashed) is at least fishy, but I never needed something more secure until now.
So... can you give me a piece of advice? Or some links? Or anything that can help. You can hit me with some more advanced stuff too. I will understand :D. The documentation or samples I found on the net are quite similar or even worse :D
Thank you very much!
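
For comparison with the login code in this post, an added example (not the poster's code) of the same check built on PHP's `password_hash()` / `password_verify()`, which arrived in PHP 5.5, after this thread was written. The in-memory user array, the `$session` parameter standing in for `$_SESSION`, and the function names are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. Requires PHP 7.1+ for the type hints.

// Constructed stand-in for the MySQL users table (one sample account).
function sample_users(): array
{
    return [
        'alice' => ['id' => 1, 'hash' => password_hash('correct horse', PASSWORD_DEFAULT)],
    ];
}

// Returns the user id on success, null on failure. $session stands in for $_SESSION.
function login(array $users, string $username, string $password, array &$session): ?int
{
    // Look the name up exactly as submitted; htmlentities() belongs at output time.
    $row = $users[$username] ?? null;

    // Unknown user: still verify against a throwaway hash so both paths cost about the same.
    static $dummy = null;
    if ($dummy === null) {
        $dummy = password_hash('dummy', PASSWORD_DEFAULT);
    }
    $hash = $row !== null ? $row['hash'] : $dummy;

    if (!password_verify($password, $hash) || $row === null) {
        return null;
    }

    // In a real request, call session_regenerate_id(true) here to block session fixation.
    // Store the identity only; the password hash never leaves the database.
    $session = ['user_id' => $row['id']];
    return $row['id'];
}

function is_authenticated(array $session): bool
{
    return isset($session['user_id']);
}

// Usage with constructed input.
$users = sample_users();
$session = [];
var_dump(login($users, 'alice', 'wrong guess', $session));
var_dump(login($users, 'alice', 'correct horse', $session));
var_dump(is_authenticated($session));
```

`password_hash()` generates a per-user salt and applies a deliberately slow algorithm, so neither has to be hand-rolled from a fast hash such as MD5.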

Posted: Sun Dec 03, 2006 4:49 pm
by nickvd
This:

Code:

MD5(MD5(MD5(htmlentities(trim($_POST['username'])))))
Won't add any security, on the contrary, it may even reduce the effectiveness of the md5 hash... I believe feyd can shed more light on this topic.

Posted: Sun Dec 03, 2006 4:55 pm
by TheProgrammer
Interesting... hope feyd will drop a word then :) I just tried that because of the many collisions discovered with md5 lately, and thought that the hacker won't know that I used md5 3 times :P Quite childish. I will swap to sha1 if it is not good, but until now I loved md5 because it is fast.

Posted: Sun Dec 03, 2006 4:57 pm
by TheProgrammer
ohh..and that is MD5(MD5(MD5(htmlentities(trim($_POST['password']))))) there..my bad..let me correct it

Posted: Sun Dec 03, 2006 5:01 pm
by TheProgrammer
Meanwhile, the best method I found is to create a supplementary table where I'll store the session id for every authenticated user and add this check to authentication.

Posted: Sun Dec 03, 2006 5:25 pm
by nickvd
Read this tutorial regarding the Challenge-Response Authentication pattern... It's the (fairly) standard "secure" login method (as far as I know, please correct me if I'm wrong).

Posted: Sun Dec 03, 2006 5:56 pm
by feyd
Yes, multiple hashes just makes it that much easier to break. It doesn't seem logical, but if you go through all the math involved it drops right out of the sky on you. If you want more security, you could always upgrade to SHA256.

I've been saying it for quite some time, but I will have SHA512 and SHA1024 coming out. Don't bank on it being soon though. Maybe over my winter holiday I'll crank out a few bits of code I've been sitting on.

Posted: Sun Dec 03, 2006 6:05 pm
by klarinetking
Just if you're interested, multiple hashing is less effective mostly because each call to md5 will produce a 32 bit hash, meaning a cracker only has to try every 32 length string, instead of a variable length string. Also, it's not a huge deal, but you might want to use the identical operator (===) instead of the equality operator (==). I'm not sure that it'll make a difference, but I don't believe it could hurt.

klarinetking
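
An added illustration of the `==` versus `===` suggestion above (not part of any post): with the `$p == MD5(...)` pattern from the first post, two different hex digests that both have the form `0e<digits>` compare equal under `==`, because PHP treats them as numbers. Every digest string below is constructed, and `compare_digests` is a hypothetical helper.

```php
<?php
// Added example, not code from the thread. Every digest string here is constructed.
// Requires PHP 7.1+ (type hints, list destructuring in foreach).

// Apply the three comparison styles to a stored and a freshly computed hex digest.
function compare_digests(string $stored, string $computed): array
{
    return [
        '=='          => $stored == $computed,            // numeric-looking strings compare as numbers
        '==='         => $stored === $computed,           // same bytes, not guaranteed constant-time
        'hash_equals' => hash_equals($stored, $computed), // same bytes, timing-safe (PHP 5.6+)
    ];
}

$cases = [
    'identical digests'     => [str_repeat('a1', 16), str_repeat('a1', 16)],
    'different digests'     => [str_repeat('a1', 16), str_repeat('b2', 16)],
    // 32 characters of the form 0e<digits>: PHP reads both as the float 0.
    'different, both 0e...' => ['0e' . str_repeat('1', 30), '0e' . str_repeat('2', 30)],
];

foreach ($cases as $label => [$stored, $computed]) {
    $r = compare_digests($stored, $computed);
    printf(
        "%-22s ==:%s  ===:%s  hash_equals:%s\n",
        $label,
        var_export($r['=='], true),
        var_export($r['==='], true),
        var_export($r['hash_equals'], true)
    );
}
```

Only the last pair differs between the operators: `==` reports a match while `===` and `hash_equals()` do not.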

Posted: Sun Dec 03, 2006 10:07 pm
by TheProgrammer
Thank you very much for your answers!! Very useful!!
I think I will also consider implementing my own SHA1024. We just implemented MD5 under careful supervision at college last week and are about to do SHA256 this week, so it shouldn't be too much of a challenge (I think this week they are about to tell us about the attacks on MD5 also. I'll be a step ahead. :lol: )
I think it will be a good alternative until feyd releases his version. Anyway, when I have some code I will post it here so you can have a look and tell me if it's secure enough for me to use.
Again, thank you very much for your help guys! Means a lot to me!

Posted: Mon Dec 04, 2006 2:42 am
by TheProgrammer
Another question guys. Talked to my cryptography teacher and he gave me an idea: Would it help to add to the stored hashed password a DES or AES encryption? And if yes, what to use as encryption key? He proposes to use as key a small part of the hash itself. I find it quite interesting. But, from what you know, would this help? From what I can tell it does.
Thanks!
Crististian

Posted: Mon Dec 04, 2006 3:13 am
by onion2k
TheProgrammer wrote: Would it help to add to the stored hashed password a DES or AES encryption?
It'd help if you're worried about the database data being stolen and cracked offline. If you're protecting against an attack through the 'front door' of the website then it won't make the slightest difference.

Posted: Mon Dec 04, 2006 6:54 am
by timvw
TheProgrammer wrote: Another question guys. Talked to my cryptography teacher and he gave me an idea: Would it help to add to the stored hashed password a DES or AES encryption? And if yes, what to use as encryption key? He proposes to use as key a small part of the hash itself. I find it quite interesting. But, from what you know, would this help? From what I can tell it does.
Thanks!
Crististian
Afaik it wouldn't help: The attacker still needs to find input that leads to the desired hash... (nothing more, nothing less)

md5

Posted: Mon Dec 04, 2006 11:56 am
by timclaason
The php.net has a pretty cool comment on it for md5...a scrambling algorithm (http://us3.php.net/md5)

Code:

function scramble($p) {
   // Assumes that $p is going to be 32 characters long.
   // Square-bracket string offsets: the original $p{13} form was removed in PHP 8.

   $q = $p[13] . $p[30] . $p[5] . $p[17] . $p[23] . $p[0]
       . $p[28] . $p[4] . $p[18] . $p[25] . $p[6] . $p[20]
       . $p[14] . $p[9] . $p[31] . $p[11] . $p[24] . $p[29]
       . $p[10] . $p[3] . $p[15] . $p[26] . $p[8] . $p[12]
       . $p[21] . $p[27] . $p[1] . $p[16] . $p[22] . $p[7]
       . $p[19] . $p[2];
   return $q;
}

$p = $_POST['password'];
// If the password is blank or too short, do something here.

$p = scramble(md5($p));
// Now set $s = scrambled password stored on server.
// If $p == $s then we have a match.
Even if this isn't a great implementation, I think it suggests different ways to do it.

For instance, you could do a shuffling thing, where you explode the md5, and shuffle the elements, then stick that particular shuffle into a table (associated with the user logging in).

Then when they log in, you could grab the shuffle from the table, and check it using a similar method as above. If I'm remembering my computer security class correctly, this is similar to private key encryption, in theory.

For all you super-gurus, feel free to remark if this is the dumbest thing you've ever heard. :D

Posted: Mon Dec 04, 2006 2:37 pm
by TheProgrammer
I agree with onion2k, this would only help in the case the database is stolen then cracked offline. But this is the least of my worries. A front-door attack is the most probable.
Had another chat with my teacher and he suggested having a look at Kerberos: http://web.mit.edu/Kerberos/. Have any of you experimented with it? What do you think?