MD5

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

MD5

Post by user___ »

Hi guys,
I am creating a system in which a user Logs In. I use md5 for encrypting their password before sending it to the server. Is it enough or another security measure should be made in when they Log In?

I am asking this because a freind of mine told me that MD5 secures an application thirty percents.

I do know that there is not one hindred percents secuity but I just want to know if there is a better technique.
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

Let's reverse it a bit, can you answer the following questions? (Once you can, you will get a better understanding of your problem.. And probably be able to answer your original question)
- What is MD5?
- How does MD5 help secure your application?
- What does MD5 not do?
- What are the security risks with regards to 'logging in'?
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Reply

Post by user___ »

I know what MD5 is and how it is used but I need to know whether it is enough to hash a password for example.
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Post by Mordred »

If you can't answer those questions, then you don't know what md5 is :P
I would also add this one to the list:
- To what extent is MD5 reversible.
User avatar
stereofrog
Forum Contributor
Posts: 386
Joined: Mon Dec 04, 2006 6:10 am

Post by stereofrog »

Mordred wrote: - To what extent is MD5 reversible.
You can (relatively) easy revert md5 using a combination of known collision algorithms, dictionary attacks and reverse lookup databases. To some extent, this is true for other hash functions as well, that's why they should always be used with secret "salt" key. Ie. md5($password) is weak, md5($salt . $password) is much better.
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Post by onion2k »

I use AES for passwords these days. It's secure enough and it allows me to do proper forgotten password interaction rather than generating a new password. It's not quite as portable as MD5 but I'm not too bothered about that.
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Reply

Post by user___ »

Thank you stereofrog and you onion2k. I was sure someone could help. I would like to know what you would recommend me to use, stereofrog, if you can and have some time to help me.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

I use sha256.
User avatar
stereofrog
Forum Contributor
Posts: 386
Joined: Mon Dec 04, 2006 6:10 am

Re: Reply

Post by stereofrog »

user___ wrote:Thank you stereofrog and you onion2k. I was sure someone could help. I would like to know what you would recommend me to use, stereofrog, if you can and have some time to help me.
From your post I understood that you're using hashing of the client (presumable with javascript) before sending the data to the server. If this is true, you would be better off using SSL connection. Ask your hosting provider, they should help you further.

As to server-side hashing, I use the approach I described above: hash function + secret key (salt). This makes it virtually impossible to reverse hashed passwords even if your database gets stolen. This is how salt is used:

Code: Select all

define('SECRET_SALT', 'secret');

function password_hash($password) {
   return md5(SECRET_SALT . $password);
}

// insert new password in db:

$h = password_hash($_POST['password']);
mysql_query("INSERT INTO users(...., pass) VALUES(...., '$h')");

// check if password is valid

$h = password_hash($_POST['password']);
mysql_query("SELECT * FROM users WHERE pass='$h' ");
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Post by Mordred »

@onion2k: Using a reversible encryption is not a very good choice security-wise, and sending forgotten passwords in plain text by email is doubly so.

@stereofrog: Your setup is good, but it can be better. If someone steals your entire database, and you have enough users, he can get a list of users with popular passwords and carry an online attack at them. My research shows that about 6% of the user accounts can be recovered that way. You must add user-specific salt to each password. Details: viewtopic.php?t=62782
user___
Forum Contributor
Posts: 297
Joined: Tue Dec 05, 2006 3:05 pm

Reply

Post by user___ »

Thank you guys. You do help me. I would like to ask you whether it is a bad practice to use MD5 because my host provider does not want to tto enable SSL and then use the techniques you have described(particularly @stereofrog's one although I totally agree with Mordred) and as Mordred says that sening E-mails in plain text is insecure,for which I agree too, which is a preferable way of doing so?
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Post by onion2k »

Mordred wrote:@onion2k: Using a reversible encryption is not a very good choice security-wise, and sending forgotten passwords in plain text by email is doubly so.
AES is a US government standard for encrypting non-classified data. It's never been compromised using any direct attack (there's side channel attacks that work, but they're tricky and need 'live' access to the encryption process). It's more than secure enough for website passwords.

As for sending plain text passwords by email, so what? You have to email the user something that lets them access their account, be it a link, password, or temporary passkey. If the email is intercepted then their account will be compromised irrespective of the encryption or hashing that's carried out at the database level.
User avatar
stereofrog
Forum Contributor
Posts: 386
Joined: Mon Dec 04, 2006 6:10 am

Post by stereofrog »

Mordred wrote:Details: viewtopic.php?t=62782
Very interesting reading, thanks.
onion2k wrote: As for sending plain text passwords by email, so what?
The point is, most users tend to use same passwords on different services. If you send me my actual password and someone intercepts the message, this compromises my accounts on other sites, not only yours. With generated or one-time password I only lose my identity on your server in the worst case.
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Post by onion2k »

stereofrog wrote:The point is, most users tend to use same passwords on different services. If you send me my actual password and someone intercepts the message, this compromises my accounts on other sites, not only yours. With generated or one-time password I only lose my identity on your server in the worst case.
If the user uses a standard password across all their accounts then the chance of them having forgotten it is pretty small. Besides, I'd say that's more reason to send it to them: they might learn why that's such an incredibly bad idea.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

It is just an opinion, but the only time I send a user an email with their password in it is when they a) first sign up for an account or b) request a password change from having forgotten their password. In both cases, the password comes with an activation code that requires their input when logging in with the temporary password, and they are required to change their password before being allowed to do anything else. Is it insecure? Yes, to a degree. But it is a necessary evil when dealing with users that may forget a password.

Keep in mind, this is a somewhat regular practice, one that is used by banks, credit companies and other high security information stores.
Post Reply