从SHA1迁移到SAH2 Asp.net 4.5，C＃ [英] Migration from SHA1 to SAH2 Asp.net 4.5,C#

问题描述

您好，



我们有一个ASP.NET Web应用程序，它是在.net framework 4.5版本中构建的。目前正在生产中，该应用程序使用SHA1加密算法。这种算法在MachineKey中设置。应用程序的web.config文件的标记。此应用程序使用Asp.Net Membership概念来维护登录凭据。



由于SHA1算法即将退化，因此我们希望将应用程序从SAH1更新为SHA2。为此，我们设置了HMACSHA256。在MachineKey中应用程序的web.config文件的标记。



使用上述设置将我们的应用程序升级到SHA2后，我们希望旧用户密码（使用SHA1加密并已存在于memebership数据库中）将无法使用SHA2 alogorithm。但它允许较旧的用户登录而无需对先前加密的密码进行任何修改。



能否帮助我们解决与SHA1到SHA2迁移相关的问题：



问题1：是否在MachineKey中进行了更改。应用程序的web.config文件的标签足够/推荐用于此迁移吗？



问题2：由于我们仍然可以使用preiosuly encrpted密码登录应用程序， memebership数据库真的使用web.config文件中设置的SHA2加密？或者我们需要添加一些额外的设置来在memebership数据库级别启用SHA2加密？请给出建议。



请建议是否有最好的方法在Memebership数据库级别启用SHA2加密。



谢谢，

Riz

Hello,

We have one ASP.NET web application which is build in .net framework 4.5 version. Currently on production this application is using SHA1 encrption alogorith.This alogorithm is set in "MachineKey" tag of application's web.config file. This applicaion uses Asp.Net Membership concept for maintaining Login credentials.

As the SHA1 alogorith is on verge of degradation so we want to update our application from SAH1 to SHA2. For this we have set "HMACSHA256" in "MachineKey" tag of application's web.config file.

After upgrading our application to SHA2 with above settings, we expect that the older users passwords(which was encrypted using SHA1 and already present in memebership database) will not work with SHA2 alogorithm. But it allows older users to login without any modification in previously encrypted password.

Can you please help us on following questies related to SHA1 to SHA2 migration:

Question 1 : Does the changes made in "MachineKey" tag of application's web.config file is enough/recommended for this migration?

Question 2 : As we are still able to login into the application using previosuly encrpted passwords, does the memebership database really uses the SHA2 encrption set in web.config file? Or we need to add some additional settings to enable SHA2 encrption on memebership database level? Please advice.

Please suggest if there is any best way to enable SHA2 encrption on Memebership database level.

Thanks,
Riz

推荐答案

尽管谢尔盖提出了他对你的问题的评论，但任务仍然很艰巨为积极使用的应用程序执行。我想你应该说，SHA1哈希算法。使用SHA1进行加密就好像您只需要加密，而不是解密。



现在，问题是，使用SHA1算法对密码进行哈希处理，保持这种方式！即使您想将系统升级到基于SHA2的算法，您的用户也不会满意。由于许多原因：



1.您无法自行更改密码，因为您无法恢复哈希值。如果你知道他们的密码，那么目的哈希是未知的。

2.两种类型的密码散列之间存在冲突。 SHA1和SHA2。

3. SHA2也会消失（如计算中所示！）， SHA- 3 [ ^ ]即将到来。



现在，在这里回答你的问题。您只能做一件事，要求您的用户更新他们的密码！一旦忘记密码，它就像更新密码一样。但只有这一次，您才会允许他们输入以前的密码作为安全问题。



1：更新应用程序的架构，没有事先正确理解侧面效果。我不会更新web.config来解决这个问题。



2：您需要为当前用户保留SHA1摘要，并为其余用户管理SHA2摘要。我建议你创建一个额外的字段来保存IsSHA2，然后检查其中一个。



否则，您可以要求您的用户更新以前的密码并将其更新为SHA2摘要。

Despite the fact that Sergey brings up in his comment to your question, the task is still very tough to be performed for an actively used application. I would assume that you meant to say, "SHA1" hashing algorithm. Encrypting using SHA1 would be as if you only want encrypt, and not decrypt.

Now, the thing is, that your passwords are hashed using SHA1 algorithm, keep it that way! Even if you want to upgrade your systems to SHA2 based algorithms, your users won't be happy. Due to many reasons:

1. You cannot change their passwords on your own, because you cannot revert the hash. If you knew their passwords, then the purpose hashing is unknown.
2. Their would be a conflict between password hashing of both the types. SHA1 and SHA2.
3. SHA2 is also going to fade away (as in your calculation!), SHA-3[^] is coming in hot.

Now, to answer your problem here. There is only one thing you can do, ask your users to update their passwords! It would be same as "updating" the passwords, once they have forgotten it. But only this time, you will allow them to enter their previous passwords as a security concern.

1: Updating the application's architecture, without prior and proper understanding of the side effects. I won't go up with updating just web.config to overcome this problem.

2: You would need to hold SHA1 digests for your current users and manage SHA2 digests for the rest. What I would suggest is that you create an extra field to hold "IsSHA2" and then check either one of them.

Otherwise, you can ask your users to update their previous passwords and update them to SHA2 digests.

请参阅我的评论问题。



关键是：您正在使用密码计算的加密哈希函数来存储它以进行基于密码的身份验证。这非常好：你不应该自己存储密码。只有创建密码的用户才能知道，而不是其他人。无论您拥有什么其他信息，您拥有对系统的访问权限，如果您不知道密码，则无法从已知的哈希函数中恢复它。实际上，这是加密哈希函数的主要目的： 哈希函数的加密可行反转不存在：加密哈希函数 - 维基百科，免费的百科全书 [ ^ ]。



这与加密的区别在于：加密，如果你有一些钥匙，你可以获得原始数据。使用加密哈希函数，这是不可行的，并不意味着发生。这根本不是加密。但是，严格来说，SHA-1易受攻击，可能会被破解（ SHA-1 - 维基百科，免费的百科全书 [ ^ ]），但它不忠诚对您的客户而言，在道德上是不可接受的。所以，我认为你没有选择;只有一种有效的方法。我会解释一下......



你必须支持两个存储的密码数据集合。一个应该包含已经基于SHA-1获得的旧用户密码的加密哈希函数。另一个应该用于新用户，或者更准确地说，用于创建新密码的用户，并且应该在SHA-2上使用该集合。此外，您应该鼓励所有旧用户重新定义其密码。他们可以像以前一样设置相同的密码，没关系。告诉他们这样做至关重要。它将启动建立新密码的过程，因此将使用SHA-2并将其存储在第二个较新的密码哈希数据集合中。希望随着时间的推移，所有用户都将迁移到新的密码哈希数据集合。只有这样你才能完全摆脱SHA-1。

-SA

Please see my comment to the question.

The key is: you are using cryptographic hash function calculated on passwords to store it for password-based authentication. And this is very good: you should never store passwords themselves. Only the user who created the password should know it, no one else. No matter what other information you have, what access to the system you have, if you don't know a password, you cannot restore it from the known hash function of it. Actually, this is the main purpose of cryptographic hash function: cryptographically feasible inversion of the hash function does not exist: Cryptographic hash function — Wikipedia, the free encyclopedia[^].

This is how it is different from encryption: with encryption, you can get original data if you have some key. With cryptographic hash function, this is infeasible and is not meant to happen. This is not encryption at all. However, strictly speaking, SHA-1 is found vulnerable and probably can be cracked (SHA-1 — Wikipedia, the free encyclopedia[^]), but it would be not loyal to your customers, and just ethically unacceptable. So, I think you don't have a choice; there is only one valid approach. I'll explain it…

You have to support two stored collections of password data. One should contain cryptographic hash function for the passwords of "old" users, already obtained based on SHA-1. Another one should be used for new users or, more exactly, the users who create new passwords, and that collection should be used on SHA-2. Moreover, you should encourage all the "old user" to re-define their passwords. They can setup the same password as before, it does not matter. Tell them that doing that is critically important. It will initiate the procedure of establishing a new password, so SHA-2 will be used and stored in the second, newer collection of password hash data. Hope with time all users will migrate to new collection of password hash data. Only then you will be able to get rid of SHA-1 completely.

—SA

这篇关于从SHA1迁移到SAH2 Asp.net 4.5，C＃的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！