bcrypt强哈希
79% of participants in a recent ZoneAlarm survey were found to be using risky passwords. The data was used to present a very stylish infographic showing just how widespread the use of bad passwords really is. But no matter how hard it is to guess good passwords, they may be no more difficult to crack than bad ones depending on how the password is stored.
最近的ZoneAlarm调查中有79%的参与者使用了危险密码。 该数据用于呈现非常时尚的信息图,显示了错误密码的使用实际上是多么广泛。 但是,无论猜测好密码有多么困难,取决于密码的存储方式,破解好密码都不比坏密码难。
Back in 2006, Reddit confirmed that a copy of their database had been stolen. More troubling was the fact that all of the user passwords had been stored in Reddit’s database without being masked in any way! Many users were panicked because they used the same password for Reddit on many other sites too. This was a huge security breach that resulted in a major problem for many unfortunate members of Reddit. It’s shocking to think some web developers still believe storing passwords as plain text with no encryption or hashing is a good way to store a password.
早在2006年,Reddit确认其数据库副本已被盗。 更令人不安的是,所有用户密码都已存储在Reddit的数据库中,没有以任何方式被屏蔽 ! 许多用户感到恐慌,因为他们在其他许多站点上也使用相同的Reddit密码。 这是一个巨大的安全漏洞,对Reddit的许多不幸成员造成了重大问题。 令人震惊的是,一些Web开发人员仍然认为将密码存储为纯文本而不进行加密或散列是一种存储密码的好方法。
It’s now 2011, and even though most developers agree that obfuscating stored passwords is a mandatory security feature for any user driven website, the practices used are falling behind. Some believe MD5 is a safe way to encode passwords; this is a lie (a very bad one, too)! MD5 is a good method to obscure non-sensitive data but it can be very easily “decoded” using rainbow tables. I once heard the story of a web developer who could not access a client’s database after the client deleted an email that had his password details. The developer, after scouring through the client’s files on their server, found a nicely formatted text file containing the MD5 password hash. It was just a quick copy and paste procedure into an online rainbow table lookup utility before they were logged into the client’s database. This story has a happy ending as the client’s password were recovered and development could continue, but the shocking truth is this process could have easily been carried out by the hands of a malicious hacker.
现在是2011年,尽管大多数开发人员都同意混淆存储的密码对于任何用户驱动的网站都是强制性的安全功能,但所使用的做法却落伍了。 有些人认为MD5是编码密码的安全方法; 这是一个谎言(也是一个非常糟糕的谎言)! MD5是掩盖非敏感数据的好方法,但是可以使用彩虹表很容易地对其“解码”。 我曾经听说过一个Web开发人员的故事,该开发人员在客户端删除包含其密码详细信息的电子邮件后无法访问客户端的数据库。 开发人员在浏览客户机上服务器上的文件后,发现了一个格式良好的文本文件,其中包含MD5密码哈希。 在将它们登录到客户端数据库之前,这只是一个快速的复制过程,并将其粘贴到在线Rainbow表查找实用程序中。 随着客户密码的恢复和开发的继续,这个故事有了一个圆满的结局,但令人震惊的事实是,此过程很容易由恶意黑客实施。
So what exactly is a good option for secure password hashing? One stand-out option in PHP is Bcrypt. Bcrypt is an adaptive hash function based on the Blowfish symmetric block cipher cryptographic algorithm. It uses a Key Factor (or Work Factor) which adjusts the cost of hashing, which is probably Bcrypt’s most notable feature. The ability to increase the cost (time and processing power) of hashing in the future as computers become more powerful is what really sets Bcrypt apart from other functions.
那么,安全密码散列的最佳选择是什么呢? PHP中的一种突出选择是Bcrypt。 Bcrypt是一种基于Blowfish对称块密码算法的自适应哈希函数。 它使用一个可调整散列成本的关键因素(或工作因素),这可能是Bcrypt最著名的功能。 随着计算机功能越来越强大,将来增加哈希的成本(时间和处理能力)的能力真正使Bcrypt与其他功能脱颖而出。
Bcrypt can expand what is called its Key Factor to compensate for increasingly more-powerful computers and effectively “slow down” its hashing speed. Changing the Key Factor also influences the hash output, so this makes Bcrypt extremely resistant to rainbow table-based attacks. Newer computers can attempt to guess the original input of the hash, but it would still take the same amount of time (or longer) to verify whether its guess is a match or not. All this makes Bcrypt almost future proof!
Bcrypt可以扩展所谓的关键因素,以补偿功能越来越强大的计算机,并有效地“降低”其哈希速度。 更改密钥因子也会影响散列输出,因此这使Bcrypt极能抵抗基于彩虹表的攻击。 较新的计算机可以尝试猜测哈希的原始输入,但是仍然需要花费相同的时间(或更长时间)来验证其猜测是否匹配。 所有这些使Bcrypt几乎可以成为未来的证明!
Bcrypt is incredibly slow to hash input compared to other functions, but this results in a much better output hash. When it comes to hashing and encryption, faster is never better. The longer it takes to encode something, the longer it takes a computer to try and identify the input. As Thomas Ptacek writes in his article Enough with the Rainbow Tables, “The better you can optimize your password hash function, the faster your password hash function gets, the weaker your scheme is.” In Bcrypt’s case, it’s very slow. Consider this quote from Coda Hale’s article How to Safely Store a Password:
与其他函数相比,Bcrypt的哈希输入速度非常慢,但这会导致更好的输出哈希值。 当涉及到哈希和加密时,更快从来没有更好。 编码内容所需的时间越长,计算机尝试识别输入的时间就越长。 正如Thomas Ptacek在他的文章《 Rainbow Tables足够多》中所写的那样,“ 越能优化密码哈希函数,密码哈希函数越快获得,方案就越弱。” 在Bcrypt的情况下,它非常慢。 考虑一下Coda Hale的文章“ 如何安全存储密码”中的引言:
How much slower is bcrypt than, say, MD5? Depends on the work factor. Using a work factor of 12, bcrypt hashes the password yaaa in about 0.3 seconds on my laptop. MD5, on the other hand, takes less than a microsecond.
bcrypt比MD5慢多少? 取决于工作因素。 使用12的工作因子,bcrypt在我的笔记本电脑上在大约0.3秒内对密码yaaa进行哈希处理。 另一方面,MD5花费不到一微秒的时间。
Don’t think Bcrypt sounds like it would be too slow, though. As I mentioned earlier, you can set how large you want the cost of your your hashing to be. This means you can go for all-out-security but sacrifice time by using a huge Key Factor, or you can use a minimum Key Factor and reduce the time it takes to hash the input value. In either case, its this very feature that makes Bcrypt encryption so safe so you can’t lose with either option. It’s all up to you.
不过,不要以为Bcrypt听起来会太慢。 正如我之前提到的,您可以设置希望散列成本为多大。 这意味着您可以全力以赴,但是可以通过使用巨大的Key Factor牺牲时间,或者可以使用最小的Key Factor并减少散列输入值所需的时间。 无论哪种情况,它的这种功能都使Bcrypt加密非常安全,因此您不会因任何一种选择而迷失方向。 这一切都取决于你。
To put the ability of Bcrypt into perspective, let’s compare it to a suitable hashing algorithm, such as SHA-2. SHA-2 doesn’t use any cryptographic algorithms, but instead uses a hashing algorithm to generate its output (though both SHA-2’s and Blowfish’s algorithms can stand up to a very similar level of scrutiny). Bcrypt is much slower than SHA-2, and thus theoretically better. SHA-2 also isn’t adaptive like Bcrypt and its Key Factor, so it will be more susceptible to table-based attacks as computer processing power increases. SHA-2 is a completely capable hashing function for now, but Bcrypt wins out because it’s speed (with hashing, slower is always better) and adaptability.
为了透视Bcrypt的功能,让我们将其与合适的哈希算法(例如SHA-2)进行比较。 SHA-2不使用任何加密算法,而是使用哈希算法来生成其输出(尽管SHA-2和Blowfish的算法都可以经受非常相似的审查)。 Bcrypt比SHA-2慢得多,因此理论上更好。 SHA-2也不像Bcrypt及其关键因素那样具有自适应性,因此随着计算机处理能力的提高,SHA-2将更容易受到基于表的攻击。 SHA-2目前是一种功能齐全的散列函数,但是Bcrypt之所以胜出是因为它的速度(使用散列,越慢越好)和适应性强。
You might be thinking, “jeez these all seem to be very complex functions… is it really worth taking the time to change my password hashing strategy to use Bcrypt?” The answer is YES! Bcrypt is easy to use and will be worth using in the long run.
您可能会想,“哎呀,这些似乎都是非常复杂的功能……真的值得花时间更改我的密码哈希策略以使用Bcrypt吗?” 答案是肯定的! Bcrypt易于使用,从长远来看值得使用。
Bcrypt is available to you already if you are running PHP version 5.3, simply by using the crypt() function with a Blowfish required salt. It may be available in earlier versions if your system supports them, but I recommend 5.3 because PHP contains its own implementation of algorithm thus eliminating any additional dependencies).
如果您正在运行PHP版本5.3,则已经可以使用Bcrypt,只需将crypt()函数与需要Blowfish的盐一起使用即可。 如果您的系统支持它们,则可能在较早的版本中可用,但我建议5.3,因为PHP包含其自己的算法实现,因此消除了任何其他依赖性。
You can check if Bcrypt will work on your server by checking whether or not the CRYPT_BLOWFISH constant is defined and represents 1:
您可以通过检查CRYPT_BLOWFISH常量是否已定义并表示1:来检查Bcrypt在服务器上是否可以CRYPT_BLOWFISH :
<?php if (defined("CRYPT_BLOWFISH") && CRYPT_BLOWFISH) { echo "CRYPT_BLOWFISH is enabled!"; } else { echo "CRYPT_BLOWFISH is not available"; }After that, you only have to use code similar the following to hash you passwords before storing them:
之后,您只需要使用类似于以下代码的代码来哈希密码,然后再存储它们:
<?php $salt = '$2a$07$R.gJb2U2N.FmZ4hPp1y2CN$'; crypt("secretpassword", $salt);The salt must start with $2a$ followed by a two-digit Key Factor and another dollar-sign, and then contain 22 alphanumeric characters (a period and slash are also allowed). The PHP Manual explains the restrictions on the salt:
盐必须以$2a$开头,后跟两位数字键因子和另一个美元符号,然后包含22个字母数字字符(也可以使用句点和斜杠)。 PHP手册解释了盐的限制:
[…] salt as follows: “$2a$”, a two digit cost parameter, “$”, and 22 digits from the alphabet “./0-9A-Za-z”. Using characters outside of this range in the salt will cause crypt() to return a zero-length string. The two digit cost parameter is the base-2 logarithm of the iteration count for the underlying Blowfish-based hashing algorithmeter and must be in range 04-31, values outside this range will cause crypt() to fail.
[…] salt如下:“ $ 2a $”,一个两位数的成本参数“ $”,以及字母“ ./0-9A-Za-z”中的22位数字。 在salt中使用超出此范围的字符将导致crypt()返回长度为零的字符串。 两位数的成本参数是基础基于Blowfish的哈希算法的迭代计数的以2为底的对数,并且必须在04-31范围内,该范围之外的值将导致crypt()失败。
PHP allows developers to use Bcrypt with the greatest of ease, which begs the question why are you not using it? If you are running a version lower than 5.3, I implore you to upgrade your PHP installation. The importance of using a secure hashing function such as Bcrypt should be vital to anyone creating a web application that will store users’ passwords and other sensitive data.
PHP使开发人员可以最轻松地使用Bcrypt,这引出了一个问题,为什么不使用它? 如果您运行的版本低于5.3,我恳请您升级PHP安装。 使用诸如Bcrypt之类的安全哈希函数的重要性对于创建将存储用户密码和其他敏感数据的Web应用程序的任何人都至关重要。
Besides its ease, I encourage you to use Bcrypt because of the fact it will keep up with Moore’s Law. I know I’ve already covered this earlier, but I feel the need to stress how important this fact is. If you start using Bcrypt now, you can rest assured all your users’ passwords are hashed with a function that is not going to be made obsolete over night. The key to this is the ability to customize the work rate, or Key Factor as I referred to it earlier.
除了它的易用性之外,我建议您使用Bcrypt,因为它会符合摩尔定律 。 我知道我之前已经介绍过了,但是我觉得有必要强调这个事实的重要性。 如果您现在开始使用Bcrypt,则可以放心,所有用户的密码都可以通过一项不会在一夜之间过时的功能进行哈希处理。 关键在于自定义工作率的能力,或者是我之前提到的关键因素。
So there you have it, my personal recommendation why you should be using Bcrypt to hash passwords and other sensitive data. Here is a list of sites and articles you can read if you’d like to learn more about Bcrypt or Blowfish:
因此,我个人建议您为什么要使用Bcrypt哈希密码和其他敏感数据。 如果您想了解有关Bcrypt或Blowfish的更多信息,这是您可以阅读的网站和文章列表:
PHP Manual – crypt
PHP手册– crypt
Enough with the Rainbow Tables: What you Need to Know About Secure Password Schemes
足够使用Rainbow表:您需要了解的安全密码方案
How to Safely Store a Password
如何安全存储密码
Use Bcrypt, Fool!
使用Bcrypt,傻瓜!
Please Use Bcrypt to Store Your Passwords
请使用Bcrypt存储您的密码
Wikipedia – Blowfish (cypher)
维基百科–河豚(密码)
Stack Overflow – How Do You Use Bcrypt for Hashing Passwords in PHP
堆栈溢出–如何使用Bcrypt在PHP中哈希密码
Image via Valerie Potapova / Shutterstock
图片来自Valerie Potapova / Shutterstock
翻译自: https://www.sitepoint.com/why-you-should-use-bcrypt-to-hash-stored-passwords/
bcrypt强哈希
相关资源:25个经典网站源代码