Posted by David T. Ashley on 01/08/07 16:10
"Cord-Heinrich Pahlmann" <SPAM@Heineken2000.de> wrote in message
news:1168000285.240787.131580@s34g2000cwa.googlegroups.com...
> Hi,
>
> I have written a tool which de/encrypts a few of my forum and
> blogging passwords.
> My question is how secure it is.
> The following describes how I have encrypted my passwords.
>
> When I log in, the Login-Password is changed into an MD5 hash and is
> compared to the login-password in the db. If the passwords are the same
> the user is logged in (common procedure). Then the clear-text
> login-password decrypts an unknown key which is stored in the
> $_SESSION-Variable. With that key I decrypt the stored passwords in the
> db.
> I use the Blowfish Algorithm
> (http://www.php-einfach.de/sonstiges_generator_blowfish_script.php,
> Source is in German, sorry.).
> How secure is the Blowfish Algorithm?
> Each time I log in to my Site, the script generates a new key and
> de/encrypts all the stored passwords again. So the stored
> crypted-passwords look different every time I log in.
>
> Sorry for my English skills... I'm a little bit rusty...
Well, in English, that last paragraph is called "fishing for compliments".
You secretly know your English is just fine, and you secretly want us to say
that.
Your English is just fine.
Now, as far as the technical matters ...
The scheme you've presented goes against known best practices.
First, I would recommend SHA1 over MD5. There have been several successful
partial attacks on MD5, see:
http://www.wikipedia.org/search-redirect.php?search=MD5&language=en&go=++%3E++&go=Go
MD5 and SHA1 are functionally equivalent from your point of view, in that
(a) PHP supports both, and (b) SHA1 is 160 bits rather than 128 bits (so, you
need to store a few more hexadecimal characters).
STORAGE OF PASSWORDS:
Modern doctrine is that passwords are NEVER stored plain or in a reversible
way. The hash that you store should be the hash of the concatenation of:
a) A key known only to the server (500 characters of random text in a file is
fine).
b) The password.
c) And (a) and (b) should be repeated a few times, i.e. A + B + A + B + A + B
+ A, at least.
In order for an attacker to do anything, it is required that:
a) The key be compromised.
b) The stored hash be compromised.
c) The algorithm be compromised (although concatenation and hashing isn't
hard to guess).
d) And even once that condition is met, the best that can be mounted is a
dictionary attack.
LOST PASSWORDS:
As another poster pointed out, best practice is to reset the password to a
random new one and e-mail it to the user. A good system is to keep two
passwords (permanent + timed temporary) so that one user can't disable
another's account by using the "lost password" functionality. He can only
generate nuisance e-mail.
The user shouldn't be "stuck" with the random password, he should then be
able to change it.
Dave.
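The storage scheme (SHA1 over the server key and password interleaved as A + B + A + B + A + B + A) and the two-password lost-password flow described in the reply above, as an added Python example that is not code from the original post or from the OP's PHP tool. The names (stored_hash, check_password, Account, dictionary_attack, TEMP_PASSWORD_TTL), the 30-minute expiry for a temporary password and the in-memory server key are assumptions made for this example; the reply itself only says the key should be random text in a file on the server.

```python
import hashlib
import hmac
import secrets
import time
from typing import Iterable, Optional

# The server-side key: the reply suggests ~500 characters of random text in a
# file on the server. It is generated in memory here so the example runs
# stand-alone (an assumption for the example); a deployment would read it from
# that file, kept outside the web root.
SERVER_KEY = secrets.token_hex(250)   # 500 hexadecimal characters
REPEATS = 3                           # A + B three times, then a trailing A
TEMP_PASSWORD_TTL = 30 * 60           # lifetime of a reset password in seconds (assumed)


def stored_hash(password: str, server_key: str = SERVER_KEY) -> str:
    """SHA1 over the interleaved concatenation A+B+A+B+A+B+A from the reply,
    where A is the server key and B is the password."""
    a = server_key.encode("utf-8")
    b = password.encode("utf-8")
    return hashlib.sha1((a + b) * REPEATS + a).hexdigest()


def check_password(candidate: str, stored: str, server_key: str = SERVER_KEY) -> bool:
    """Recompute the hash for the candidate and compare in constant time, so the
    comparison does not leak how many leading characters matched."""
    return hmac.compare_digest(stored_hash(candidate, server_key), stored)


def dictionary_attack(stolen_hash: str, stolen_key: str, wordlist: Iterable[str]) -> Optional[str]:
    """What an attacker who has obtained BOTH the key and the stored hash is
    reduced to: hashing guesses one at a time until one matches."""
    for guess in wordlist:
        if check_password(guess, stolen_hash, stolen_key):
            return guess
    return None


class Account:
    """A permanent password hash plus an optional timed temporary one, so a
    stranger triggering 'lost password' cannot lock the real owner out."""

    def __init__(self, password: str):
        self.permanent = stored_hash(password)
        self.temporary = None   # (hash, expiry_timestamp) or None

    def request_reset(self, now: Optional[float] = None) -> str:
        """Generate a random temporary password and return its clear text for
        the caller to e-mail. Only the hash is kept, with an expiry, and the
        permanent password keeps working alongside it."""
        now = time.time() if now is None else now
        temp = secrets.token_urlsafe(12)
        self.temporary = (stored_hash(temp), now + TEMP_PASSWORD_TTL)
        return temp

    def login(self, password: str, now: Optional[float] = None) -> bool:
        """Accept the permanent password, or an unexpired temporary one."""
        now = time.time() if now is None else now
        if check_password(password, self.permanent):
            return True
        if self.temporary is not None:
            temp_hash, expiry = self.temporary
            if now < expiry and check_password(password, temp_hash):
                return True
        return False

    def change_password(self, current: str, new: str, now: Optional[float] = None) -> bool:
        """Let the user swap the random (or old) password for one of their own;
        any outstanding temporary password is discarded."""
        if not self.login(current, now):
            return False
        self.permanent = stored_hash(new)
        self.temporary = None
        return True
```

One property worth noticing when running it: the scheme as the reply describes it has no per-user salt, so two accounts with the same password store the same hash, and one guess in dictionary_attack tests every account at once. Storing a random per-user salt next to each hash and feeding it into stored_hash removes that.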