ENCRYPTION

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

What do you use for encryption?

Poll ended at Fri Jun 23, 2006 9:10 pm

mcrypt_encrypt: 2 votes (17%)
gnupg_encrypt: 0 votes
md5: 4 votes (33%)
crypt: 0 votes
Other (Please post below): 6 votes (50%)

Total votes: 12

tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

ENCRYPTION

Post by tecktalkcm0391 »

What 'encryption' methods have been cracked?
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Re: ENCRYPTION

Post by Roja »

tecktalkcm0391 wrote: What 'encryption' methods have been cracked?
Cracked is imperfect language for cryptology. The terms generally preferred are broken, weakened, or compromised.

Each has its own meaning. First you find flaws in the algorithm - it is weakened below the (expected, published) brute force strength it once had.

Then you find structural problems in the algorithms - allowing you to compromise them, reducing the brute force strength substantially, and in a clear fashion that doesn't rely on hardware choices.

Finally, you break the algorithm. You find a way to (near) instantly decode the encryption. You reduce its strength to a trivial level.

Few algorithms have been truly broken. Plenty have been compromised, or weakened.

However, your poll is also flawed in selections. MD5 isn't encryption. It's a cryptographic hash. You can't decode an md5sum. You can only predict the correct hash (collision), in a short period of time.
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Post by Oren »

Well... Currently md5, but not for long. I'll keep using md5, but not as "pure md5". At the beginning I used to use md5 with some kind of salt, but then I got the impression that "pure md5" is secure enough and would do the job - which is obviously wrong. So the next time I code anything that needs to keep some data secured, passwords for a login system for example, I'm going to do a little research and give it more thought before I do anything.
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Replace MD5 with SHA256 - you can use either the mcrypt extension, or feyd has a PHP implementation in Code Snippets.
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Post by Oren »

Yeah, I've read before about this SHA256 on this forum, but can you tell me what it is exactly? What should I do in order to be able to use it?
Thanks.
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

It does the same thing (well, not exactly - it's far more secure) as MD5 - creates a hash of any value you pass it.

It's not available as a native PHP function like md5() or sha1() - you need to use the mcrypt library (which must be available in your host) or else a PHP implementation such as feyd's. The mcrypt lib is documented in the PHP Manual - feyd has a write up of his class's use in the source code header. In both cases it's almost as simple as a straight md5() call... Not much to it - you may just need to make your password database field longer (SHA256 creates a 64 character hash instead of MD5's 32).

See here for feyd's PHP class - viewtopic.php?t=32334

You use it simply by including the class file and calling:

$hash = SHA256::hash('somestring');
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Post by Oren »

Ok, thanks. Do you think it's better than md5 + salt and such?
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Using a salt makes it even more secure - but on a number of levels SHA256+salt is far more secure than MD5+salt.
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Post by Oren »

Maugrim_The_Reaper wrote: on a number of levels SHA256+salt is far more secure than MD5+salt.
Kinda obvious, but why "on a number of levels"? Is there a case where md5 + salt is better? It doesn't make sense to me.
daedalus__
DevNet Resident
Posts: 1925
Joined: Thu Feb 09, 2006 4:52 pm

Post by daedalus__ »

You have to know some serious math to predict md5 collisions, don't you?
jayshields
DevNet Resident
Posts: 1912
Joined: Mon Aug 22, 2005 12:11 pm
Location: Leeds/Manchester, England

Post by jayshields »

Or you could just use one of the rainbow tables which has already found hundreds of thousands of collisions.

I chose md5 on the poll, because I still use it, but I use a salt - which I believe to still be secure enough.
daedalus__
DevNet Resident
Posts: 1925
Joined: Thu Feb 09, 2006 4:52 pm

Post by daedalus__ »

Oh.

I was thinking about switching too, but I just use a really long salt.
AGISB
Forum Contributor
Posts: 422
Joined: Fri Jul 09, 2004 1:23 am

Post by AGISB »

Oren wrote:
Maugrim_The_Reaper wrote: on a number of levels SHA256+salt is far more secure than MD5+salt.
Kinda obvious, but why "on a number of levels"? Is there a case where md5 + salt is better? It doesn't make sense to me.
Yes there is. If the security is not so important but the performance is. md5 is way faster than sha256.
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Post by Oren »

Read again... We were talking about security, nothing else :wink:
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Is there a case where md5 + salt is better?
None. There are arguments to the contrary but every one of them argues that using a salt makes an MD5 hash impervious - that is simply not true. The salt itself may be compromised in the event a server is hacked, which will compromise the salted MD5 hashes, which will lead to rainbow table lookups which are SIMPLE for MD5. This is the part people fail to see - you don't need a supercomputer to create MD5 collisions!

In all cases SHA256 is significantly more secure. On the other hand MD5 is still "good enough" for some uses, maybe file hash comparison and similar where performance is worth considering, and the risk minute. But for sensitive data hashing it's just not "good enough". If I have your MD5 hash (and optionally a salt if used) I can run all your stored password hashes across a rainbow table and search for collisions. It's as simple as that.

It is highly recommended by myself that you switch to SHA256 if possible. I've recommended the same to dozens of clients over the last two years. Why settle for lower security? It's a no brainer.
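
Added example, not code from any poster in this thread: a PHP sketch of the points discussed above (an unsalted MD5 hash found by a precomputed-table lookup, a per-user salt defeating that same table, and the 32 versus 64 character column width). It assumes PHP 7.1+ and uses the built-in hash() function rather than feyd's class; the function names, word list and passwords are constructed for illustration.

```php
<?php
// Added example. Word list and passwords are constructed, not data from the thread.
// hash(), random_bytes() and hash_equals() are PHP built-ins.

// A precomputed table maps digest => plaintext for a list of common passwords.
function build_table(array $words, string $algo): array {
    $table = [];
    foreach ($words as $w) {
        $table[hash($algo, $w)] = $w;
    }
    return $table;
}

// Store a password with a fresh random salt per user, as "salt$digest".
function make_record(string $password, string $algo): string {
    $salt = bin2hex(random_bytes(16));
    return $salt . '$' . hash($algo, $salt . $password);
}

// Verify by recomputing with the stored salt; hash_equals() compares in constant time.
function check_record(string $password, string $record, string $algo): bool {
    [$salt, $digest] = explode('$', $record, 2);
    return hash_equals($digest, hash($algo, $salt . $password));
}

$common = ['123456', 'letmein', 'qwerty'];   // constructed word list
$table  = build_table($common, 'md5');

// Case 1: "pure md5". The stored value is a key in the precomputed table.
$stored_plain = md5('letmein');
echo 'unsalted md5 found in table: ';
var_dump(isset($table[$stored_plain]));

// Case 2: per-user salt with SHA-256. The same table was built without the salt.
$record = make_record('letmein', 'sha256');
[$salt, $digest] = explode('$', $record, 2);
echo 'salted sha256 found in table: ';
var_dump(isset($table[$digest]));

// The legitimate login check still works because the salt is stored with the digest.
echo 'correct password verifies: ';
var_dump(check_record('letmein', $record, 'sha256'));
echo 'wrong password verifies: ';
var_dump(check_record('qwerty', $record, 'sha256'));

// Column sizing mentioned in the thread: hex digest lengths for each algorithm.
echo 'md5 / sha256 hex lengths: ';
var_dump(strlen(md5('x')), strlen(hash('sha256', 'x')));
```

Current PHP versions also provide password_hash() and password_verify(), which generate the salt themselves and use a deliberately slow algorithm intended for password storage.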