Closed Chilinot closed 8 years ago
We can use the same one as for the Admin password.
We first hash the inputted password. We then concatenate the hash string with the time stamp. We hash it again. We send it to the server.
The server takes the hashed password stored for that user from the database. Then it appends the time stamp of the message and hashes again.
If they match, the password is correct.
The hashing algorithm is SHA-256.
We could also salt the passwords with the username in the database.
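The exchange described above, written out as an added example (not the project's own code) with the username salt from the last line folded in; the user name, password and timestamp are constructed sample values.

```python
import hashlib
import hmac
import time


def sha256_hex(data: str) -> str:
    """Hex digest of SHA-256 over the UTF-8 bytes of data."""
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def stored_hash(username: str, password: str) -> str:
    """What the database keeps per user: SHA-256 of the
    username-salted password (the salting idea from the thread)."""
    return sha256_hex(username + ":" + password)


def client_response(username: str, password: str, timestamp: int) -> str:
    """Client side: hash the entered password, append the
    message timestamp, hash again, send the result."""
    first = stored_hash(username, password)
    return sha256_hex(first + str(timestamp))


def server_verify(db: dict, username: str, timestamp: int, response: str) -> bool:
    """Server side: take the stored hash for the user, append the
    same timestamp, hash again and compare with what was sent."""
    stored = db.get(username)
    if stored is None:
        return False
    expected = sha256_hex(stored + str(timestamp))
    # constant-time comparison so timing does not leak matching prefixes
    return hmac.compare_digest(expected, response)


# Constructed sample database; "alice" and her password are made up.
DB = {"alice": stored_hash("alice", "correct horse battery staple")}

if __name__ == "__main__":
    ts = int(time.time())
    resp = client_response("alice", "correct horse battery staple", ts)
    print("login ok:", server_verify(DB, "alice", ts, resp))
```

The server recomputes the response from the stored hash alone, so the hash in the database is by itself enough to answer the challenge, which is why how that stored value is protected matters.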
I still think we should use bcrypt as it is scalable in how much work it does and takes care of salting by itself.
But the salting part is trivial? And SHA-256 is secure enough, or we could even roll with SHA-512 if we are feeling hardcore.
Besides, as far as I understand bCrypt, it actually decrypts the password down to its plain text form. If we were to use the existing approach the password would only ever exist in plain text in the time between it has been entered and the hashing function is completed.
And we could also trivially scale up the hashing in the same way bCrypt does. But I don't really see the need for that. Brute forcing a SHA-256 is as of now costly enough.
Stackoverflow has a great thread on the subject of SHA-512 vs bcrypt. http://stackoverflow.com/questions/1561174/sha512-vs-blowfish-and-bcrypt
Another link on the subject that was on hacker news not long ago: https://codahale.com/how-to-safely-store-a-password/
The main points being: SHA-2, SHA-3, and other hashing algorithms are made to produce a unique hash that can be computed fast from large amounts of data. Because the algorithms are made to be fast we have to iterate them several times, up to the thousands, in order to produce a more secure hash in the end. The problem with this is that the more times we iterate the more we increase the risk of hash collisions. The SHA-2 algorithms also have known vulnerabilities, that might not be exploitable today, but have led to the quest for SHA-3 algorithms.
bcrypt is designed for storing passwords; it's the default algorithm in Linux and OpenBSD and doesn't rely on several iterations of the output, as this is managed internally through the work factor. bcrypt also relies on Blowfish, which has no known vulnerabilities as of now.
Oki! I recede, your arguments are more valid than mine.
I will make a proper issue out of it.
This issue is tied to issue #9. I suggest we hash the passwords using BCrypt.