PHP password hashing in 2011

Published 2024-11-17 07:31:05  555 characters  6 views  0 comments


I'm bringing this up after spending a few hours trawling through a number of posts on SO with regards to the most secure way to handle passwords in PHP/MySQL. Most answers seem to be fairly out of date, as are links that people are directed to. Many recommend md5 and sha-1.

We all know that MD5 and SHA-1 are no longer worth using due to the fact that they have been reversed, and also because there are a number of databases out there that have built up millions of md5/sha1 strings. Now, obviously you get around this with salt, which I intend to do.

I have however recently started playing around with whirlpool, which seems much more secure, and up to date. Would I be right in thinking whirlpool+salt is ample protection for passwords?

I was actually considering something like this:

<?php
    $static_salt = 'some_static_salt_string_hard_coded';
    $password = 'some_password_here';
    $salt = 'unique_salt_generated_here';

    $encoded = hash('whirlpool', $static_salt.$password.$salt);
?>

What do you think? Overkill or sensible?


Comments (3)

小红帽 2024-11-24 07:31:05


This is probably good enough for most applications.

However, salts become (almost) useless if your DB is leaked -- including the static one if your configuration file is leaked too. They are a good protection against rainbow tables, but nowadays it's easier to use a bunch of GPUs to brute-force a given hash.

IMHO, currently the best solution is to use bcrypt. It's apparently supported in PHP 5.3+, and here's an example of how to use it.
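The two approaches side by side, as an added example that is not code from the question or from this answer: the question's whirlpool+static-salt+per-user-salt scheme written as store/verify functions, next to bcrypt through PHP's password_hash()/password_verify() API. It assumes PHP 7 or later (random_bytes, hash_equals, password_hash); on PHP 5.3/5.4 the same "$2y$" bcrypt hash is produced by crypt() with a generated salt. All function names and sample values are assumptions.

```php
<?php
// Added example, not from the question or the answer. Assumes PHP 7+.

// --- Scheme from the question: fast hash + static salt + per-user random salt ---
function whirlpool_store($password, $static_salt) {
    // 16 random bytes, hex-encoded, as the per-user salt (constructed at store time)
    $salt = bin2hex(random_bytes(16));
    $digest = hash('whirlpool', $static_salt . $password . $salt);
    // the per-user salt has to be stored beside the digest or it cannot be verified
    return array('salt' => $salt, 'digest' => $digest);
}

function whirlpool_verify($password, $static_salt, $record) {
    $digest = hash('whirlpool', $static_salt . $password . $record['salt']);
    // constant-time comparison so the match position is not leaked through timing
    return hash_equals($record['digest'], $digest);
}

// --- bcrypt, as recommended in the answer ---
function bcrypt_store($password, $cost = 12) {
    // password_hash() generates its own random salt and embeds it, with the
    // cost factor, in the returned "$2y$12$..." string (60 characters)
    return password_hash($password, PASSWORD_BCRYPT, array('cost' => $cost));
}

function bcrypt_verify($password, $stored) {
    // salt and cost are read back out of the stored string
    return password_verify($password, $stored);
}

function bcrypt_needs_upgrade($stored, $cost = 12) {
    // true when the stored hash uses another algorithm or a lower cost, so the
    // application can rehash after a successful login when it raises the cost
    return password_needs_rehash($stored, PASSWORD_BCRYPT, array('cost' => $cost));
}

// --- demonstration with constructed values ---
$static_salt = 'some_static_salt_string_hard_coded'; // the question's static salt
$password = 'correct horse battery staple';           // constructed sample password

$w = whirlpool_store($password, $static_salt);
var_dump(whirlpool_verify($password, $static_salt, $w));
var_dump(whirlpool_verify('wrong password', $static_salt, $w));

$b = bcrypt_store($password);
var_dump(bcrypt_verify($password, $b));
var_dump(bcrypt_needs_upgrade($b, 13)); // true: a higher cost is now wanted

// Why the answer prefers bcrypt: the work per guess. whirlpool is one fast
// digest; bcrypt at cost 12 runs 2^12 key-schedule rounds per hash, and the
// cost can be raised as hardware gets faster. Timed here only to show the gap.
$t = microtime(true);
for ($i = 0; $i < 1000; $i++) {
    hash('whirlpool', $static_salt . $password . $w['salt']);
}
$whirlpool_per_hash = (microtime(true) - $t) / 1000;

$t = microtime(true);
bcrypt_store($password);
$bcrypt_per_hash = microtime(true) - $t;

printf("whirlpool: %.6f s per hash, bcrypt (cost 12): %.4f s per hash\n",
       $whirlpool_per_hash, $bcrypt_per_hash);
```

The static salt in the first scheme only helps while the configuration file stays private, which is the answer's point; the bcrypt string needs no separate salt column and carries its own cost, so a database record can be upgraded in place with password_needs_rehash().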

蓝眼泪 2024-11-24 07:31:05


This will be enough (however, there is no sense in a static hardcoded salt). And why not use SHA256? Whirlpool is rarely used.

忆梦 2024-11-24 07:31:05


It's particularly meaningless to discuss the merits of particular algorithms without a much wider consideration of the threat models and specifics of implementations.

Yes, whirlpool does appear to have some advantages in terms of how effective it is as a hash, but as Nickolay says that may be deceptive and due to the fact it is less widely used. But there are other considerations too - for some purposes storing a 128 character string for each account may be an unnecessary overhead. For everyone it's a question of what the software supports (and some people might want to use the same account record to control access to different systems).

At the end of the day, it doesn't matter how sophisticated your hashing algorithm is:

  1. given a free choice, users pick bad, guessable passwords
  2. users will use the same password for different services

If it works for you - then great - but there is no universal solution.
