more secure md5() ?
- Pyrite
- Forum Regular
- Posts: 769
- Joined: Tue Sep 23, 2003 11:07 pm
- Location: The Republic of Texas
Still, the point of MD5 is not encryption or security, even though most php'ers use it for that purpose. The point is that it creates an exact signature of a string or file that is useful for comparison (i.e. check what the user inputs against what is in the db, or check a file downloaded from a mirror site against an md5 hash of the original file to see if it has changed or been tampered with). Security is more important to look at on the server, the network, the client or the db server.
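The download check Pyrite describes, written out as an added Python example (not code from the thread). The file bytes and the "published" digest are constructed here; the algorithm is a parameter so the same check works with an md5 digest from an older project or the SHA-256 digest later posts prefer. A corrupted transfer is caught either way; the MD5 weakness the later posts discuss only matters against a deliberately crafted substitute file.

```python
import hashlib
import hmac

# Constructed sample: the bytes of a release file as served by a mirror,
# and a copy with one byte altered, standing in for a corrupted or
# tampered download.
ORIGINAL_FILE = b"release-1.0.tar.gz payload (constructed sample)\n" * 64
TAMPERED_FILE = ORIGINAL_FILE[:100] + b"X" + ORIGINAL_FILE[101:]


def digest_of(data: bytes, algorithm: str = "sha256", chunk_size: int = 4096) -> str:
    """Hex digest of data, fed to the hash in chunks so the same loop
    serves large files read from disk a block at a time."""
    h = hashlib.new(algorithm)
    for offset in range(0, len(data), chunk_size):
        h.update(data[offset:offset + chunk_size])
    return h.hexdigest()


def verify_download(data: bytes, published_digest: str, algorithm: str = "sha256") -> bool:
    """True when the received bytes hash to the digest the project published.

    The published digest has to arrive through a channel the mirror cannot
    alter (the project's own site or a signed release note); a digest
    fetched from the same mirror as the file proves nothing, because both
    can be replaced together.  compare_digest keeps the comparison
    constant-time, so timing reveals nothing about how many characters matched.
    """
    actual = digest_of(data, algorithm)
    return hmac.compare_digest(actual, published_digest.strip().lower())


if __name__ == "__main__":
    # Stand-in for the digest line the project publishes next to the download.
    published = digest_of(ORIGINAL_FILE)
    print("original ok:", verify_download(ORIGINAL_FILE, published))   # True
    print("tampered ok:", verify_download(TAMPERED_FILE, published))   # False
    print("md5 checksum:", digest_of(ORIGINAL_FILE, "md5"))
```

The `.strip().lower()` on the published value is there because digests copied from a web page routinely carry trailing whitespace or upper-case hex; a mismatch caused by that would look exactly like tampering.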
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
I wasn't disagreeing with you. I simply wanted to illustrate the differences from MD5 to SHA256.
True though, their intention is to create a signature of larger data sets. Although hashing is technically a form of encryption because a compression algorithm is performed on the data... although I don't like to consider it encryption.
- Pyrite
- Forum Regular
- Posts: 769
- Joined: Tue Sep 23, 2003 11:07 pm
- Location: The Republic of Texas
feyd wrote: Although hashing is technically a form of encryption because a compression algorithm is performed on the data... although I don't like to consider it encryption.
So does that mean that Zip, RAR and JPEG are encryption too? Surely not!
I wasn't disagreeing with you though, was simply stating for the others. If you like, check out RFC 1321 for what MD5 exactly is.
http://www.faqs.org/rfcs/rfc1321.html
feyd wrote: Although hashing is technically a form of encryption because a compression algorithm is performed on the data...
Compression != encryption.
A cheap definition of encryption could be "The act of altering data to make it unreadable unless you know how to decrypt it".
Merely compressing something doesn't make it encrypted, and in fact, a hash isn't even truly compression (it loses the content, giving a unique representation of the data - NOT a smaller version of the same data).
Some other misconceptions: MD5 is no longer considered secure in crypto circles.
Cryptology is all relative. So, for example, previously, md5 had a brute-force time in the months-long range. Now, based on the latest findings, it's been reduced to under 8 hours using a standard desktop. That's a severe break!
Now factor in that some attackers have botnets in the 1,000-computer range, and suddenly it's a very serious issue for sites that require "trust".
SHA1 has also had some hits lately; although not nearly as dramatic, they also reduced the brute-force time a substantial amount.
What does this mean for a php developer? Well, let's take a forum, or an online game. The user's passwords are hashed, and the hash is stored.
If an attacker were able to get that list of hashes, previously, it would have been nearly useless - it would have taken months for EACH hash to be brute-forced. Now, however, with even a few computers, in a matter of 3-4 days, the attacker can have the vast majority of the passwords!
When you consider that most people re-use passwords, suddenly, even a simple online game or forum becomes a valuable target. What if the user reused that password on ebay? Or his bank?
The point is, if you are choosing to hash a password, you care about security. If you care about security, don't give people a false sense of security. Their online lives may be compromised by your shortcuts!!
Right now, SHA-256 is considered secure for the foreseeable future. Several threads have posted a php version and a javascript version, which is all you need to implement both ends of a fairly secure login system.
php_wiz_kid wrote: I usually just MD5 it once. I doubt someone will go to the lengths to either unhash or bruteforce your password unless your site has a lot of sensitive information. If your site is high traffic or you expect there to be high traffic then I'd use MD5 rather than SHA256 because of execution speed. If your site is an internal application and only works over an intranet or it's a low traffic site then SHA256 might be a consideration if you're really wanting to keep passwords protected. Just keep in mind that it would take a while to bruteforce a 64-bit password. I find MD5 to be rather secure.
First, the SHA256 function posted in another thread is only 1.2% slower than sha1, and only 9% slower than the native md5() function from php. Given that all three are in the less-than-1/4-a-second range on a 1ghz machine, it starts to be silly to say "it's slower". The execution time is really a trivial difference. You'd be better off working on trimming some SQL calls.
As to "I find MD5 to be rather secure" - The latest finding shows that it takes 8 hours on a 1.6ghz desktop to brute force a given md5. That's *not* secure.
As to "I doubt someone will go to the lengths to either unhash or bruteforce your password unless your site has a lot of sensitive information", *all sites do*. Even a trivial game or forum online is likely to have at least a few users who reuse their passwords and usernames on other sites - sensitive sites, with valuable information.
Combine the relatively weak security on a forum (phpbb, ipb, etc), with the likely chance that a user used the same password and username on a tight security website (bank, ebay), and suddenly, it becomes very worthwhile for an attacker.
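The storage side of the argument above (a stolen list of password hashes, fast unsalted hashes falling to brute force, users reusing passwords), as an added Python example that is not from the thread. It goes one step further than the thread's SHA-256 suggestion: a bare sha256() of the password is just as fast and just as unsalted as md5(), so the example adds a per-user random salt and an iteration count (PBKDF2-HMAC-SHA256, my choice of construction, with a storage-string format of my own), and shows a login routine that upgrades legacy md5 rows the next time each user logs in. The user table is constructed.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# Work factor for the slow hash.  Chosen so one login costs tens of
# milliseconds on current hardware; raise it as machines get faster.
PBKDF2_ITERATIONS = 100_000
SALT_BYTES = 16


def legacy_md5_hash(password: str) -> str:
    """The scheme the post argues against: one unsalted md5() of the password.
    Two users with the same password get the same hash, and one precomputed
    table of md5(candidate) answers every stolen hash at once."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Salted, iterated hash (PBKDF2-HMAC-SHA256), stored as a self-describing
    string so the parameters can be raised later without a flag day."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the stored row's hash with its own salt and iteration count."""
    scheme, iterations, salt_hex, dk_hex = stored.split("$")
    if scheme != "pbkdf2_sha256":
        raise ValueError(f"unsupported scheme: {scheme}")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    # Constant-time comparison: a plain == stops at the first differing byte.
    return hmac.compare_digest(dk.hex(), dk_hex)


def make_sample_users() -> Dict[str, str]:
    """Constructed user table: two legacy md5 rows (note the identical hashes
    for the shared password) and one row already on the salted scheme."""
    return {
        "alice": legacy_md5_hash("hunter2"),
        "bob": legacy_md5_hash("hunter2"),
        "carol": hash_password("correct horse battery staple"),
    }


def login_and_upgrade(users: Dict[str, str], username: str, password: str) -> bool:
    """Check a login against whichever scheme the row uses, and move legacy
    md5 rows to the salted scheme on the first successful login: the
    plaintext is only available at that moment, so an existing forum can
    migrate without forcing every user through a password reset."""
    stored = users.get(username)
    if stored is None:
        return False
    if stored.startswith("pbkdf2_sha256$"):
        return verify_password(password, stored)
    # Legacy row: a bare 32-hex-character md5 digest.
    if hmac.compare_digest(legacy_md5_hash(password), stored):
        users[username] = hash_password(password)
        return True
    return False


if __name__ == "__main__":
    users = make_sample_users()
    print("alice and bob share a hash:", users["alice"] == users["bob"])   # True
    print("alice logs in:", login_and_upgrade(users, "alice", "hunter2"))   # True
    print("alice upgraded:", users["alice"].startswith("pbkdf2_sha256$"))  # True
```

Until every row has been upgraded, the remaining md5 rows are still the weak link the post describes; the migration only closes the gap for users who log in again, so a site that cares should also expire the rows that never do.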
- Pyrite
- Forum Regular
- Posts: 769
- Joined: Tue Sep 23, 2003 11:07 pm
- Location: The Republic of Texas
I agree, and from the MD5 RFC, it shows that the author's intention was to only make a signature of data with MD5 and then encrypt it using a public-key system, a two-part process.
The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA.
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
It is possible to utilise hashing to secure password transmission, and you can make a secondary check to bypass JavaScript-supported hashing for clients with JS disabled; just make sure the form still allows sending of the plain text password if JS is disabled or fails.
You can see an example of such a process here: http://www.sanisoft.com/phplib/manual/auth_Response.php
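The process Maugrim describes (the browser hashes the password against a server challenge, with a plain-text fallback when JS is off), as an added example in Python simulating both the browser side and the server side. It is not the phplib code at the linked URL; the message format (HMAC-SHA256 of a one-time nonce, keyed with sha256(password)) and the user table are my assumptions. It protects the password only in transit: the stored verifier is password-equivalent for the challenge path, so a copy of the database answers challenges without the password, and the no-JS fallback still sends the password in the clear. It is no substitute for TLS or for protecting the database.

```python
import hashlib
import hmac
import os
from typing import Dict


def make_verifier(password: str) -> str:
    """What the server stores, and what the browser-side script derives
    before answering a challenge (assumed format: sha256 of the password)."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def client_response(password: str, nonce: str) -> str:
    """The value the JavaScript in the login form would submit instead of the
    password: an HMAC over the server's nonce, keyed with the verifier."""
    verifier = make_verifier(password)
    return hmac.new(verifier.encode(), nonce.encode(), hashlib.sha256).hexdigest()


class Server:
    """Login endpoint with a challenge-response path and a plain-text fallback."""

    def __init__(self, users: Dict[str, str]) -> None:
        self.users = users     # username -> verifier (constructed table)
        self.pending = {}      # username -> outstanding nonce, single use

    def issue_challenge(self, username: str) -> str:
        """Fresh random nonce embedded in the login form; replaces any older one."""
        nonce = os.urandom(16).hex()
        self.pending[username] = nonce
        return nonce

    def check_response(self, username: str, response: str) -> bool:
        """JS path.  The nonce is consumed whether or not the answer is right,
        so a captured response cannot be replayed later."""
        nonce = self.pending.pop(username, None)
        verifier = self.users.get(username)
        if nonce is None or verifier is None:
            return False
        expected = hmac.new(verifier.encode(), nonce.encode(), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, response)

    def check_plaintext(self, username: str, password: str) -> bool:
        """Fallback for clients without JavaScript: the form posted the password
        itself, so the server derives the verifier and compares."""
        verifier = self.users.get(username)
        if verifier is None:
            return False
        return hmac.compare_digest(make_verifier(password), verifier)


def login(server: Server, username: str, password: str, js_enabled: bool) -> bool:
    """One login attempt as the browser would perform it on either path."""
    if js_enabled:
        nonce = server.issue_challenge(username)
        return server.check_response(username, client_response(password, nonce))
    return server.check_plaintext(username, password)


if __name__ == "__main__":
    srv = Server({"alice": make_verifier("hunter2")})
    print("js login:", login(srv, "alice", "hunter2", js_enabled=True))        # True
    print("no-js login:", login(srv, "alice", "hunter2", js_enabled=False))    # True
    print("wrong password:", login(srv, "alice", "guess", js_enabled=True))    # False
```

The single-use nonce is the part people forget: without it, anyone who captures one response on the wire can log in with it indefinitely, which is worse than capturing a plain-text password once, because the user changing their password is the only thing that invalidates it.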
- n00b Saibot
- DevNet Resident
- Posts: 1452
- Joined: Fri Dec 24, 2004 2:59 am
- Location: Lucknow, UP, India