Variable encryption method

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
User avatar
VirtuosiMedia
Forum Contributor
Posts: 133
Joined: Thu Jun 12, 2008 6:16 pm

Variable encryption method

Post by VirtuosiMedia »

Just an idea to throw out there, but what do you think about allowing an admin to choose their method of encryption and their salt during the install for a web-based distributable app? For instance, allow them to choose between SHA256, SHA512, etc. Their choice would then be applied in every instance where encryption is needed in the application. Outdated or cracked algorithms wouldn't be included as choices. The idea is that for multiple installs of the same program across the web, you don't know what encryption method is being used. As a practical matter, would this add any more security?
LBmtb
Forum Newbie
Posts: 23
Joined: Wed May 14, 2008 11:14 am

Re: Variable encryption method

Post by LBmtb »

I would say so, yes. It is a bit on the paranoid side . . . but then again isn't that what being secure is all about?
User avatar
VirtuosiMedia
Forum Contributor
Posts: 133
Joined: Thu Jun 12, 2008 6:16 pm

Re: Variable encryption method

Post by VirtuosiMedia »

LBmtb wrote:I would say so, yes. It is a bit on the paranoid side . . . but then again isn't that what being secure is all about?
Just because I'm paranoid doesn't mean someone isn't out to get me. :wink:
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Variable encryption method

Post by Mordred »

(Hashing, not encryption)
Yes and no.
You can't (easily; without some worries with the users) change the hashing scheme at runtime. Besides, it is pointless (see below)
You should not let the admin choose his own salt. He'll choose "salt". Instead, generate one with a strong random. Keep it in a config file. Combine it with a per-user salt.
Details: viewtopic.php?t=62782

The secrecy of the hashing scheme will not come from the secrecy of what particular scheme was chosen, but from its parameters - like the salts and how they are applied.
If the attacker has access to your hashes, he will surely know which function was used from the size of the hash. Let him know, it's generally of little help to him, if you have good salts.
User avatar
VirtuosiMedia
Forum Contributor
Posts: 133
Joined: Thu Jun 12, 2008 6:16 pm

Re: Variable encryption method

Post by VirtuosiMedia »

Mordred wrote:(Hashing, not encryption)
The secrecy of the hashing scheme will not come from the secrecy of what particular scheme was chosen, but from its parameters - like the salts and how they are applied. If the attacker has access to your hashes, he will surely know which function was used from the size of the hash. Let him know, it's generally of little help to him, if you have good salts.
Those are good points. Thanks.
Post Reply