Crypt 和 Salt 如何比 MD5 更安全地抵御暴力攻击?
我在 PHP.net 上看到 MD5 没用,他们建议使用 crypt + salt。
因此,我查看了他们的功能描述并阅读了
<?php
$password = crypt('mypassword'); // let the salt be automatically generated
/* You should pass the entire results of crypt() as the salt for comparing a
password, to avoid problems when different hashing algorithms are used. (As
it says above, standard DES-based password hashing uses a 2-character salt,
but MD5-based hashing uses 12.) */
if (crypt($user_input, $password) == $password) {
echo "Password verified!";
}
?>
类似的内容:
$stored_password=fetch_password($user);
if (crypt($_REQUEST['password'],$stored_password)===$stored_password) {
// ok
}
所以,当我看到盐存储在散列密码中并且您使用该散列密码作为盐时,我认为 Crypt + Salt 并不更安全对抗暴力输出(成功窃取散列密码的黑客)。是不是更安全?
对于字典攻击,我可以理解它的威力,但是对于哈希密码的暴力攻击,我看不到它的优势。
I read on PHP.net that MD5 is useless, and they suggest using crypt + salt.
So, I went to their function description and read
<?php
$password = crypt('mypassword'); // let the salt be automatically generated
/* You should pass the entire results of crypt() as the salt for comparing a
password, to avoid problems when different hashing algorithms are used. (As
it says above, standard DES-based password hashing uses a 2-character salt,
but MD5-based hashing uses 12.) */
if (crypt($user_input, $password) == $password) {
echo "Password verified!";
}
?>
or in my case something like :
$stored_password=fetch_password($user);
if (crypt($_REQUEST['password'],$stored_password)===$stored_password) {
// ok
}
So, when I see that the salt is stored in the hashed password and that you use that hashed password as salt, I think Crypt + Salt is not more secure against a brute force on output (hackers who managed to steal hashed passwords). Is it more secure?
Against a dictionary attack, I can understand its power, but for a brute force attack on hashed passwords, I don't see the advantage.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
当在散列之前对字符串(示例中的密码)应用盐时,散列现在变成了与没有盐时相比的另一个散列。
如果没有盐,您可以只使用预先存在的字典 - 现在您需要创建一个盐字典。如果您使用用户特定的盐,则每个用户在使用暴力时都需要拥有自己的字典。这变得更加耗时。
MD5 是一种损坏的算法,因为它存在冲突漏洞。
When applying salt to a string (password in the example) before hashing, the hash now becomes another hash than it would without the salt.
Without the salt, you could just use a pre-existing dictionary - now instead you need to create a dictionary to the salt. If you use a user specific salt, each user needs to have it's own dictionary when using brute force. This becomes way more time consuming.
MD5 is a broken algoritm because of its collision vulnerabilities.
具有哈希值的加密比 MD5 更昂贵。攻击者需要更多的计算时间,因此更安全。
对于密码和 MD5,攻击者可以使用 MD5 的预计算表 PLUS 具有 MD5 速度非常快的优点。
对于密码和加盐的 crypt,预先计算的表是无用的,PLUS crypt 需要比 MD5 更多的马力
。有一些特制的算法(google bcrypt),故意提高计算成本来进一步实现这一点。
Crypt with hash is simply more expensive than MD5. An attacker would need more compute time, thence this is more secure.
For a password and MD5, an attacker could use precomputed tables for MD5 PLUS have the advantage of MD5 to be very fast.
For a password and salted crypt, precomputed tables would be useless, PLUS crypt needs more horsepowers than MD5
There are specially-crafted algoritms (google bcrypt), that have an intentionally high compute cost to take this even further.
盐阻碍彩虹表和彩虹表通过使哈希密码唯一来哈希字典。
它们还有助于防止某人窃取您的哈希密码列表并使用该列表来访问不同站点上的帐户(通过反转哈希或类似方法)。
它无助于抵御传统的暴力攻击。
Salts impede rainbow tables & hash dictionaries by making your hashed passwords unique.
They also help prevent someone from stealing your list of hashed passwords and using that to gain access to accounts on a different site (by reversing the hash or similar).
It will not help against a traditional brute force attack.