Page 1 of 1

Safely store password and username in a cookie?

Posted: Sat Sep 27, 2008 8:16 am
by kaisellgren
Hi,

EDIT: Check my post below, the 3rd post..

Re: Safely store password and username in a cookie?

Posted: Sat Sep 27, 2008 10:12 am
by arjan.top

Re: Safely store password and username in a cookie?

Posted: Sat Sep 27, 2008 11:04 am
by kaisellgren
Here is what I have been doing so far. I hope some security gurus could take a look at this.

1) Login form that operates through SSL. The form will never appear if the SSL is not running.
2) Only max 5 login tries per IP or ban for 24 hours.
3) There is a global pepper (random string) in a config file. Then, everytime an accoutn is created, it will get its own salt into the db. So when logging in, this is what happens:

Code: Select all

$pass = hash('sha512',$pepper . $password . $salt);
Basically what I am trying to achieve with the above is that the $salt is different for every user, so to get the password you must now the salt (aka have the SQL access). Even if you have the SQL access, you still would need the $pepper which is not in the SQL database, instead in a .php file ;) is there any problems with this?
4) If the user agent is different than the one in the last successful "logged in" -situation, then log out and ask for a password.
5) If the IP address is different in the first two dots, then log out and ask for a password. This means e.g. IP like 72.72.72.72 can not suddenly change to 72.73.0.0, but can change to 72.72.73.72 though. Also I am providing an extra option to the control panel to change this.
6) When you try to go/use the control panel, it checks if the session is authorized which means it checks the cookie details:
The cookies has a session id of hash('sha512',uniqid(mt_rand(),true)); which was generated when the user logged in successfully last time, so if the last logins generated hash do not match the one in the cookie, then do not allow being logged into the CP.
The cookie also stores the user id.

What am I trying to do: My own session system that keeps the user logged in for x minutes, up to a few hours and it must be fully secure. We are talking about very confidential information here that can be accessed from the CP.

EDIT: I forgot to mention that the session id changes between every reload of an authorized page. Isn't this a good thing? And also there is no way for an attacker for "fix" the id, not through url PHPSESSID= wont work or anything else.

EDIT 2: Some one just told me to use SHA256 instead of MD5. I was going to use SHA512, isn't SHA512 > SHA256? Why was he suggesting 256 instead of 512 :/?

EDIT 3: Looks like I have lots of edits today :D

Anyway, I got an idea. Since my script is going to be open to public... any attacker will see how the pass is constructed, e.g. $pepper . $salt . $pass or so... so instead of that I would create lets say 10 different mehods for this and in the installation of the script it decides which to use, so even if the attacker knows certain details about my passwords salts or system he would still repeat attacks 10 times more because he cant know which of the pass generation methods the server is using ;) ?

Re: Safely store password and username in a cookie?

Posted: Sat Sep 27, 2008 4:19 pm
by arjan.top
so you want secure "auto-login"?

Re: Safely store password and username in a cookie?

Posted: Sat Sep 27, 2008 5:09 pm
by kaisellgren
arjan.top wrote:so you want secure "auto-login"?
You got it :p

Re: Safely store password and username in a cookie?

Posted: Sun Sep 28, 2008 6:10 am
by arjan.top
you could try salting it like password:
in the database write uniqid() at login
define $salt in php

then write hash of both in the cookie, that way access to database is not enaugh to "steal" autologin value

the problem is with matching cookie to user, you have to iterate over all users and hash the uniqid (maybe databases can do sha/md5 too, then it would be simpler)

EDIT: looks like mysql can do sha1 and md5

Re: Safely store password and username in a cookie?

Posted: Sun Sep 28, 2008 6:12 am
by kaisellgren
arjan.top wrote:you could try salting it like password:
in the database write uniqid() at login
define $salt in php

then write hash of both in the cookie, that way access to database is not enaugh to "steal" autologin value

the problem is with matching cookie to user, you have to iterate over all users and hash the uniqid (maybe databases can do sha/md5 too, then it would be simpler)

EDIT: looks like mysql can do sha1 and md5
Hm...

Do you happen to know a good random number generation for cryptographic use?

Re: Safely store password and username in a cookie?

Posted: Sun Sep 28, 2008 6:21 am
by arjan.top
1. why would you need it?
2. mt_rand() is better than rand(), but as I read not good enaugh for criptography

Re: Safely store password and username in a cookie?

Posted: Sun Sep 28, 2008 6:25 am
by kaisellgren
arjan.top wrote:1. why would you need it?
2. mt_rand() is better than rand(), but as I read not good enaugh for criptography
Yup, mt_rand() is clearly not enough for cryptography. Do you have any ideas on generating as truly random number as possible? There are lots of problems with mt_rand() if you blindly rely on it for creating secret values such as session ids, passwords, activation links or such.

Re: Safely store password and username in a cookie?

Posted: Sun Sep 28, 2008 6:28 am
by arjan.top
maybe Mordred can help

Re: Safely store password and username in a cookie?

Posted: Mon Sep 29, 2008 3:37 am
by Mordred
uniqid() should be fine, although I am not a cryptologist and don't know the details on its implementation on different systems. It is most certainly better than mt_rand and rand.

The post arjan.top already linked to has my explanation on why there's no sense in using longer hash functions in this case.

Re: Safely store password and username in a cookie?

Posted: Mon Sep 29, 2008 3:43 am
by s.dot
If the data has to be that secure, I wouldn't use an auto-login feature. Make them enter their password. And using a username that is displayed publicly isn't a good idea for the login either, cuz that's 1/2 of the login equation.

Re: Safely store password and username in a cookie?

Posted: Mon Sep 29, 2008 6:53 am
by kaisellgren
@scottayy: yup, agree.
Mordred wrote:uniqid() should be fine, although I am not a cryptologist and don't know the details on its implementation on different systems. It is most certainly better than mt_rand and rand.

The post arjan.top already linked to has my explanation on why there's no sense in using longer hash functions in this case.
I read the Stefan Esser's blog about PHP and not so random numbers, here: http://www.suspekt.org/2008/08/17/mt_sr ... m-numbers/

It clearly explains how you could get in troubles when you rely on mt_rand() in cryptography. That's why I am wondering, what could be a better way to generate random numbers/values if not mt_rand().

Right now I'm using this function to generate randoms:

Code: Select all

$rnd = '';
$gseed = '';
 
public function rand2($min = 0,$max = 0)
 {
  global $rnd,$gseed;
  $seed = $gseed;
 
    // Reset $rnd_value after 14 uses
    // 32(md5) + 40(sha1) + 40(sha1) / 8 = 14 random numbers from $rnd_value
    if ( strlen($rnd_value) < 8 ) {
        $rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
        $rnd_value .= sha1($rnd_value);
        $rnd_value .= sha1($rnd_value . $seed);
        $seed = md5($seed . $rnd_value);
        $gseed = $seed;
    }
 
    // Take the first 8 digits for our value
    $value = substr($rnd_value, 0, 8);
 
    // Strip the first eight, leaving the remainder for the next call to wp_rand().
    $rnd_value = substr($rnd_value, 8);
 
    $value = abs(hexdec($value));
 
    // Reduce the value to be within the min - max range
    // 4294967295 = 0xffffffff = max random number
    if ( $max != 0 )
        $value = $min + (($max - $min + 1) * ($value / (4294967295 + 1)));
 
    return abs(intval($value)); 
}
 
echo rand2();
It is inspired by Stefan, Wordpress and my brains. I'll surely give credits to guys who have hands in this function, but right now I would like to create a random function that I can use to generate secret "things". Let's say random password, activation link.