MD5 password storage security issues and alternatives

Is MD5 safe?

After various security incidents, many systems no longer store passwords directly in plain text; most now store the MD5 hash of the password instead. But is that really safe?

Here is a script that tests the speed of MD5, with its results:

[root@f4d5945f1d7c tools]# php speed-of-md5.php
Array
(
    [rounds] => 100
    [times of a round] => 1000000
    [avg] => 0.23415904045105
    [max] => 0.28906106948853
    [min] => 0.21188998222351
)

Notice the problem? MD5 is too fast, which makes brute force easy.

A simple calculation:

> Math.pow(10, 6) / 1000000 * 0.234
0.234
> Math.pow(36, 6) / 1000000 * 0.234 / 60
8.489451110400001
> Math.pow(62, 6) / 1000000 * 0.234 / 60 / 60
3.69201531296

  1. A 6-character password of digits only is cracked in just 0.234 seconds!

  2. A 6-character password of digits + lowercase letters is cracked in just 8.49 minutes!

  3. A 6-character password of digits + mixed-case letters takes only 3.69 hours to crack!

Of course, using longer passwords significantly increases the difficulty of guessing:

> Math.pow(10, 8) / 1000000 * 0.234
23.400000000000002
> Math.pow(36, 8) / 1000000 * 0.234 / 60 / 60 / 24
7.640505999359999
> Math.pow(62, 8) / 1000000 * 0.234 / 60 / 60 / 24 / 365
1.6201035231755982

  1. An 8-character password of digits only takes 23.4 seconds to crack!

  2. An 8-character password of digits + lowercase letters takes 7.64 hours to crack!

  3. An 8-character password of digits + mixed-case letters takes 1.62 years to crack!

But do not forget that this is only the speed of PHP, an interpreted language, running on my weak PC (i5-4460 CPU 3.20GHz), using a single thread on one CPU core. Put it on a server with the latest Xeon E7 v4 series CPU, make full use of its 48 threads, rewrite the test code in C, and the speed can easily go up by a few hundred thousand times. So even an 8-character password of digits + mixed-case letters takes only 14 hours to crack!
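The measurement and the arithmetic above can be reproduced with the PHP script below. It is an added example, not the author's speed-of-md5.php (which is not shown on the page); the function names and the reduced round count are assumptions.

```php
<?php
// Added example, not the author's script: time md5() and turn the measured
// rate into worst-case exhaustive-search times. Function names are hypothetical.

/** Run $rounds rounds of $perRound md5() calls; report seconds per round. */
function benchmarkMd5(int $rounds, int $perRound): array
{
    $times = [];
    for ($r = 0; $r < $rounds; $r++) {
        $start = microtime(true);
        for ($i = 0; $i < $perRound; $i++) {
            md5('password' . $i);           // vary the input on every call
        }
        $times[] = microtime(true) - $start;
    }
    return [
        'rounds' => $rounds,
        'times of a round' => $perRound,
        'avg' => array_sum($times) / count($times),
        'max' => max($times),
        'min' => min($times),
    ];
}

/** Seconds needed to hash every password of exactly $length symbols. */
function worstCaseSeconds(int $alphabetSize, int $length, float $secondsPerHash): float
{
    return ($alphabetSize ** $length) * $secondsPerHash;
}

/** Express a duration in the largest unit that keeps the value at 1 or more. */
function humanize(float $seconds): string
{
    foreach (['years' => 31536000, 'days' => 86400, 'hours' => 3600, 'minutes' => 60] as $unit => $size) {
        if ($seconds >= $size) {
            return sprintf('%.2f %s', $seconds / $size, $unit);
        }
    }
    return sprintf('%.3f seconds', $seconds);
}

$stats = benchmarkMd5(5, 1000000);          // assumption: 5 rounds instead of 100, to finish quickly
print_r($stats);
$perHash = $stats['avg'] / $stats['times of a round'];
foreach ([6, 8] as $length) {
    foreach (['digits' => 10, 'digits + lowercase' => 36, 'digits + mixed case' => 62] as $label => $size) {
        printf("%d chars, %-20s %s\n", $length, $label, humanize(worstCaseSeconds($size, $length, $perHash)));
    }
}
```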

What's more, many people use passwords built from predictable patterns of letters or numbers, which lowers the difficulty of brute force further... And if no salt is added, or the salt is fixed, rainbow tables make cracking even easier...

So how do we make stored passwords more secure? bcrypt!

Improving security means raising the difficulty of guessing the password, at least to the point where an attacker cannot afford the brute force. (The length of the user's password is of course also very important; at least eight characters is recommended, and longer is safer.)

Here is the highlight: PHP really is the world's best language, because the standard library already provides a solution.

PHP version 5.5 added the password_xxx family of functions, and for earlier versions there is a compatibility library that can be used: password_compat.
It provides a set of concise wrappers around the core extension called "cryptographic hash algorithm". A brief introduction:

  1. password_hash hashes the password. It currently defaults to (and only supports) the bcrypt algorithm; think of it as an enhanced version of md5.

  2. password_verify is the password verification function. Internally it uses a safe string comparison algorithm that prevents timing attacks. It is the equivalent of $hashedPassword === md5($inputPassword).

  3. password_needs_rehash determines whether a hash needs to be upgraded. This function is powerful and is covered in detail below.

password_hash requires an algorithm argument; for now the default, and the only option, is bcrypt. What kind of algorithm is it, and why did the PHP standard library choose bcrypt?

bcrypt is a dedicated password-hashing algorithm based on the Blowfish cipher, designed by Niels Provos and David Mazières. What makes it special is that, where other algorithms pursue speed, this one has a crucial parameter: cost. As the name suggests, the larger the value, the longer the hash takes, and the growth is exponential. Part of the hashing process looks like this:

EksBlowfishSetup(cost, salt, key)
    state <- InitState()
    state <- ExpandKey(state, salt, key)
    repeat (2^cost)                         // "^" denotes exponentiation
        state <- ExpandKey(state, 0, key)
        state <- ExpandKey(state, 0, salt)
    return state

The following are the author's test results (a weak personal PC, i5-4460 CPU 3.20GHz):

      cost       time
         8   0.021307
         9   0.037150
        10   0.079283
        11   0.175612
        12   0.317375
        13   0.663080
        14   1.330451
        15   2.245152
        16   4.291169
        17   8.318790
        18  16.472902
        19  35.146999

Attachment: test code

Compared with md5, the speed difference is that of a snail and a cheetah: even at cost = 8, an 8-character password of uppercase and lowercase letters + digits takes 14 years to brute-force, not to mention that servers are generally set to a value of at least 10 (which would need 54 years or longer).

Clearly, a bigger cost is not always better: the larger it is, the more server CPU it consumes, which makes DoS attacks easy. The recommended setting is 10 to 12, configured according to the server's capacity and business needs. It is also best to limit the number of login attempts for the same user from the same IP, to prevent DoS attacks.

A secure password storage scheme

To sum up, a secure password storage scheme should look like this (straight to the code):
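One way to choose the cost for a particular server is to measure it there. The PHP script below is an added example, not code from the original article: it picks the highest cost in the recommended 10 to 12 range whose hashing time stays within a budget, and shows the login rate per core that each cost allows. The 250 ms budget and the function names are assumptions.

```php
<?php
// Added example: calibrate the bcrypt cost on the machine that will do the hashing.
// Function names and the time budget are hypothetical.

/** Median wall-clock seconds for one password_hash() call at $cost. */
function medianHashTime(int $cost, int $samples = 5): float
{
    $times = [];
    for ($i = 0; $i < $samples; $i++) {
        $start = microtime(true);
        password_hash('benchmark-only', PASSWORD_BCRYPT, ['cost' => $cost]);
        $times[] = microtime(true) - $start;
    }
    sort($times);
    return $times[intdiv($samples, 2)];
}

/**
 * Highest cost in [$min, $max] that hashes within $budget seconds.
 * Falls back to $min if even that is over budget.
 */
function calibrateCost(float $budget, int $min = 10, int $max = 12): array
{
    $chosen = $min;
    $measured = [];
    for ($cost = $min; $cost <= $max; $cost++) {
        $measured[$cost] = medianHashTime($cost);
        if ($measured[$cost] > $budget) {
            break;              // each extra step roughly doubles the time
        }
        $chosen = $cost;
    }
    return ['cost' => $chosen, 'measured' => $measured];
}

$result = calibrateCost(0.25);  // assumption: 250 ms of CPU per login is acceptable
foreach ($result['measured'] as $cost => $seconds) {
    // 1 / seconds is the ceiling on password checks per second for one core,
    // which is the capacity a flood of login attempts would exhaust.
    printf("cost %2d  %.3f s  (at most %.1f logins/s per core)\n", $cost, $seconds, 1 / $seconds);
}
printf("use cost = %d\n", $result['cost']);
```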

class User extends BaseModel {
    const PASSWORD_COST = 11; // the bcrypt cost is configured here; raise it whenever needed
    const PASSWORD_ALGO = PASSWORD_BCRYPT; // the default (and for now the only option) is bcrypt

    /**
     * Verify whether the password is correct
     *
     * @param string $plainPassword the user's plaintext password
     * @param bool $autoRehash whether to automatically recompute the password hash (if necessary)
     * @return bool
     */
    public function verifyPassword($plainPassword, $autoRehash = true) {
        if (password_verify($plainPassword, $this->password)) {
            if ($autoRehash && password_needs_rehash($this->password, self::PASSWORD_ALGO, ['cost' => self::PASSWORD_COST])) {
                $this->updatePassword($plainPassword);
            }
            return true;
        }
        return false;
    }

    /**
     * Update the password
     *
     * @param string $newPlainPassword
     */
    public function updatePassword($newPlainPassword) {
        $this->password = password_hash($newPlainPassword, self::PASSWORD_ALGO, ['cost' => self::PASSWORD_COST]);
        $this->save();
    }
}

This way, call $user->updatePassword() to set the password at registration or on a password change, and call $user->verifyPassword() at login to check that the password is correct.
When hardware performance has improved to the point where cost = 11 no longer meets the security requirements, changing the PASSWORD_COST value upgrades seamlessly and makes password storage more secure.
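The same upgrade-on-login idea also covers accounts that still hold an unsalted MD5 digest. The PHP script below is an added example, not the article's code, and it goes beyond the class above by handling that legacy case; the in-memory array, the names and the sample records are all constructed for illustration.

```php
<?php
// Added example with an in-memory array standing in for the users table.
// All names and sample records are constructed for illustration.
const TARGET_ALGO = PASSWORD_BCRYPT;
const TARGET_COST = 11;

$users = [
    'alice' => md5('alice-old-secret'),                                        // legacy unsalted MD5
    'bob'   => password_hash('bob-secret', PASSWORD_BCRYPT, ['cost' => 10]),   // bcrypt at an older cost
];

/** True if the stored value is a bare MD5 hex digest, not a password_hash() string. */
function isLegacyMd5(string $stored): bool
{
    return preg_match('/^[0-9a-f]{32}$/', $stored) === 1;
}

/**
 * Verify a login attempt. On success, replace a legacy MD5 digest or an
 * under-cost bcrypt hash with a fresh hash at the current settings.
 */
function login(array &$users, string $name, string $plain): bool
{
    if (!isset($users[$name])) {
        return false;
    }
    $stored = $users[$name];
    $legacy = isLegacyMd5($stored);
    $ok = $legacy
        ? hash_equals($stored, md5($plain))      // constant-time compare on the legacy path
        : password_verify($plain, $stored);
    if (!$ok) {
        return false;
    }
    if ($legacy || password_needs_rehash($stored, TARGET_ALGO, ['cost' => TARGET_COST])) {
        $users[$name] = password_hash($plain, TARGET_ALGO, ['cost' => TARGET_COST]);
    }
    return true;
}

// Show the stored prefix before and after each attempt.
foreach ([['alice', 'alice-old-secret'], ['bob', 'bob-secret'], ['bob', 'wrong']] as [$name, $plain]) {
    $before = substr($users[$name], 0, 7);
    $result = login($users, $name, $plain) ? 'ok' : 'denied';
    printf("%-5s %-6s %s -> %s\n", $name, $result, $before, substr($users[$name], 0, 7));
}
```

The plaintext is only available at login, so legacy digests are replaced one account at a time as users sign in.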



Origin www.cnblogs.com/2019gdiceboy/p/11121425.html