TheGrandmother / MUD

The world's lamest MUD :/

Determine Hash-algorithm to use for passwords #53

Closed Chilinot closed 8 years ago

Chilinot commented 8 years ago

This issue is tied to issue #9. I suggest we hash the passwords using BCrypt.

TheGrandmother commented 8 years ago

We can use the same one as for the Admin password.

We first hash the inputted password. We then concatenate the hash string with the time stamp. We hash it again. We send it to the server.

The server takes the hashed password stored for that user from the database. Then appends the time-stamp of the message and hashes again.

If they match the password is correct.

The hashing algorithm is SHA-256

We could also salt the passwords with the username in the database.
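Added example, not part of the thread or the project's code: a Python sketch of the timestamp scheme described in the comment above, showing what the server stores and what it actually checks. The function names, the Unix-seconds timestamp string, the salt order (username before password) and the freshness window are assumptions.

```python
import hashlib
import hmac

def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def stored_hash(password: str, username: str = "") -> str:
    """Database value: SHA-256 of the password, optionally salted with
    the username (salt order is an assumption)."""
    return sha256_hex(username + password)

def client_response(password: str, timestamp: str, username: str = "") -> str:
    """Client: hash the password, append the timestamp, hash again."""
    return sha256_hex(stored_hash(password, username) + timestamp)

def server_verify(db_hash: str, timestamp: str, response: str,
                  now: int, max_skew: int = 30) -> bool:
    """Server: append the message timestamp to the stored hash, rehash,
    compare. The freshness window is an added assumption; without one a
    recorded (timestamp, response) pair never expires."""
    if not timestamp.isdecimal() or abs(now - int(timestamp)) > max_skew:
        return False
    expected = sha256_hex(db_hash + timestamp)
    return hmac.compare_digest(expected, response)

# Constructed sample data (not from the project).
NOW = 1_400_000_000
TS = str(NOW)

def unsalted_rows_collide() -> bool:
    """Two users with the same password get identical database rows."""
    return stored_hash("hunter2") == stored_hash("hunter2")

def username_salt_separates_rows() -> bool:
    return stored_hash("hunter2", "alice") != stored_hash("hunter2", "bob")

def stored_hash_is_the_credential() -> bool:
    """The expected response is derived from the stored hash alone, so
    the server checks knowledge of that value, not of the password; the
    column needs the same protection as a plaintext password."""
    db_hash = stored_hash("hunter2", "alice")
    response = sha256_hex(db_hash + TS)  # computed without the password
    return server_verify(db_hash, TS, response, NOW)
```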

Chilinot commented 8 years ago

I still think we should use bcrypt as it is scalable in how much work it does and takes care of salting by itself.

TheGrandmother commented 8 years ago

But the salting part is trivial? And SHA-256 is secure enough, or we could even roll with SHA-512 if we are feeling hardcore.

TheGrandmother commented 8 years ago

Besides, as far as I understand bCrypt it actually decrypts the password down to its plain text form. If we were to use the existing approach the password would only ever exist in plain text in the time between it has been entered and the hashing function is completed.

And we could also trivially scale up the hashing in the same way bCrypt does. But I don't really see the need for that. Brute forcing a SHA-256 is as of now costly enough.

Chilinot commented 8 years ago

Stackoverflow has a great thread on the subject of SHA-512 vs bcrypt. http://stackoverflow.com/questions/1561174/sha512-vs-blowfish-and-bcrypt

Chilinot commented 8 years ago

Another link on the subject that was on hacker news not long ago: https://codahale.com/how-to-safely-store-a-password/

Chilinot commented 8 years ago

The main points being: SHA-2, SHA-3, and other hashing algorithms are made to produce a unique hash that can be computed fast from large amounts of data. Because the algorithms are made to be fast we have to iterate them several times, up to the thousands, in order to produce a more secure hash in the end. The problem with this is that the more times we iterate the more we increase the risk of hash collisions. The SHA-2 algorithms also have known vulnerabilities that might not be exploitable today, but have led to the quest for SHA-3 algorithms.

bcrypt is designed for storing passwords, it's the default algorithm in Linux and OpenBSD and doesn't rely on several iterations of the output, this is managed internally through the work factor. bcrypt also relies on Blowfish, which has no known vulnerabilities as of now.

TheGrandmother commented 8 years ago

Oki! I recede, your arguments are more valid than mine.

I will make a proper issue out of it.