how to descript the password

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
jaoudestudios
DevNet Resident
Posts: 1483
Joined: Wed Jun 18, 2008 8:32 am
Location: Surrey

Re: how to descript the password

Post by jaoudestudios »

Or use their unique ID (the auto incremented one)
mikelbring
Forum Commoner
Posts: 38
Joined: Sat Jan 05, 2008 5:28 pm

Re: how to descript the password

Post by mikelbring »

Just wondering. Why would using 2 md5s be less secure than one? This is a function I use:
public function sethash($v){

return md5(crc32(sha1(md5(strrev($v)))));

}
Is this considered more unsecure than a simple hash?
User avatar
Apollo
Forum Regular
Posts: 794
Joined: Wed Apr 30, 2008 2:34 am

Re: how to descript the password

Post by Apollo »

mikelbring wrote:Is this considered more unsecure than a simple hash?
Yes, every hash introduces possible collisions. So even if $a and $b are different, $c = md5($a) and $d = md5($b) could be the same (although it's unlikely). And if they are different, crc32(sha1($c)) and crc32(sha1($d)) could be the same, and so could md5($c) and md5($d).

Especially crc32 which is only 32 bits will drastically reduce the number of different possible results.

THe only situation where nested hashes could improve security somewhat, is if you only use direct md5 hashes of the password or whatever you are hashing. This way people can use quick dictionary attacks and rainbow table lookups. But in that case salt'ing the string before hashing it is much better than hashing multiple times.

To sum it up, if $a is the string (e.g. password) you want to hash:
  • md5( $a ) has low chance of collision, but is easy to attack with dictionaries/rainbow tables
  • md5( md5( $a ) ) has higher chance of collision, and is somewhat less easy to attack with dictionaries/rainbow tables
  • md5( $a . $randomSalt ) has low chance of collision, and is impossible to attack with dictionaries/rainbow tables
  • md5( md5( $a ) . $randomSalt ) has higher chance of collision, and is impossible to attack with dictionaries/rainbow tables
Obviously the 3rd approach is best, with the notion that $randomSalt is actually salt + pepper (i.e. $constantGlobalSalt.$userSpecificSalt).

Using other hasing algorithms (e.g. sha1 instead of md5) does not make an essential difference for the above.
Nonetheless I would recommend using sha1 (or preferably even sha256 or sha512) instead of md5 at all times, as md5 seems to become more and more vulnerable these days. Nothing really serious (yet), but sha1 can currently be considered less risky.
User avatar
Skoalbasher
Forum Contributor
Posts: 147
Joined: Thu Feb 07, 2008 8:09 pm

Re: how to descript the password

Post by Skoalbasher »

Apollo wrote:
mikelbring wrote:Is this considered more unsecure than a simple hash?
Yes, every hash introduces possible collisions. So even if $a and $b are different, $c = md5($a) and $d = md5($b) could be the same (although it's unlikely). And if they are different, crc32(sha1($c)) and crc32(sha1($d)) could be the same, and so could md5($c) and md5($d).

Especially crc32 which is only 32 bits will drastically reduce the number of different possible results.

THe only situation where nested hashes could improve security somewhat, is if you only use direct md5 hashes of the password or whatever you are hashing. This way people can use quick dictionary attacks and rainbow table lookups. But in that case salt'ing the string before hashing it is much better than hashing multiple times.

To sum it up, if $a is the string (e.g. password) you want to hash:
  • md5( $a ) has low chance of collision, but is easy to attack with dictionaries/rainbow tables
  • md5( md5( $a ) ) has higher chance of collision, and is somewhat less easy to attack with dictionaries/rainbow tables
  • md5( $a . $randomSalt ) has low chance of collision, and is impossible to attack with dictionaries/rainbow tables
  • md5( md5( $a ) . $randomSalt ) has higher chance of collision, and is impossible to attack with dictionaries/rainbow tables
Obviously the 3rd approach is best, with the notion that $randomSalt is actually salt + pepper (i.e. $constantGlobalSalt.$userSpecificSalt).

Using other hasing algorithms (e.g. sha1 instead of md5) does not make an essential difference for the above.
Nonetheless I would recommend using sha1 (or preferably even sha256 or sha512) instead of md5 at all times, as md5 seems to become more and more vulnerable these days. Nothing really serious (yet), but sha1 can currently be considered less risky.
Are sha1, 256 and 512 already in php? I use md5 like no tomorrow because it's already there for you.
User avatar
papa
Forum Regular
Posts: 958
Joined: Wed Aug 27, 2008 3:36 am
Location: Sweden/Sthlm

Re: how to descript the password

Post by papa »

Look at the php website. :)
User avatar
Apollo
Forum Regular
Posts: 794
Joined: Wed Apr 30, 2008 2:34 am

Re: how to descript the password

Post by Apollo »

Skoalbasher wrote:Are sha1, 256 and 512 already in php? I use md5 like no tomorrow because it's already there for you.
sha1 is there by default (php.net reference), sha256 and sha512 are probably accessible through the hash function:

Code: Select all

$a = hash('sha256',$password);
$b = hash('sha512',$password);
User avatar
Skoalbasher
Forum Contributor
Posts: 147
Joined: Thu Feb 07, 2008 8:09 pm

Re: how to descript the password

Post by Skoalbasher »

Apollo wrote:
Skoalbasher wrote:Are sha1, 256 and 512 already in php? I use md5 like no tomorrow because it's already there for you.
sha1 is there by default (php.net reference), sha256 and sha512 are probably accessible through the hash function:

Code: Select all

$a = hash('sha256',$password);
$b = hash('sha512',$password);
Cool, yeah I went and looked it up. Thanks!
Post Reply