为哈希隐藏盐的必要性 [英] The necessity of hiding the salt for a hash
问题描述
在工作中,我们有两种相互竞争的盐理论.我工作的产品使用诸如用户名或电话号码之类的东西来为哈希加盐.本质上,对于每个用户来说都是不同的,但对我们来说很容易获得.另一个产品为每个用户随机生成一个盐,并在用户每次更改密码时更改.然后在数据库中对盐进行加密.
At work we have two competing theories for salts. The products I work on use something like a user name or phone number to salt the hash. Essentially something that is different for each user but is readily available to us. The other product randomly generates a salt for each user and changes each time the user changes the password. The salt is then encrypted in the database.
我的问题是第二种方法是否真的有必要?我可以从纯理论的角度理解它比第一种方法更安全,但是从实用性的角度来看呢.现在要对用户进行身份验证,盐必须未加密并应用于登录信息.
My question is if the second approach is really necessary? I can understand from a purely theoretical perspective that it is more secure than the first approach, but what about from a practicality point of view. Right now to authenticate a user, the salt must be unencrypted and applied to the login information.
仔细考虑之后,我只是没有看到这种方法带来的真正安全收益.即使攻击者知道如何快速确定每个帐户的盐值,但在帐户之间更改盐仍然使某人尝试暴力破解哈希算法变得极其困难.这是基于密码足够强的假设.(显然,为一组都是两位数的密码找到正确的散列比找到正确的 8 位密码散列要容易得多).是我的逻辑不正确,还是我遗漏了什么?
After thinking about it, I just don't see a real security gain from this approach. Changing the salt from account to account, still makes it extremely difficult for someone to attempt to brute force the hashing algorithm even if the attacker was aware of how to quickly determine what it was for each account. This is going on the assumption that the passwords are sufficiently strong. (Obviously finding the correct hash for a set of passwords where they are all two digits is significantly easier than finding the correct hash of passwords which are 8 digits). Am I incorrect in my logic, or is there something that I am missing?
好的,这就是为什么我认为加密盐真的没有实际意义的原因.(让我知道我是否在正确的轨道上).
Okay so here's the reason why I think it's really moot to encrypt the salt. (lemme know if I'm on the right track).
对于下面的解释,我们假设密码总是 8 个字符,salt 是 5 个,所有密码都由小写字母组成(这只是让数学更容易).
For the following explanation, we'll assume that the passwords are always 8 characters and the salt is 5 and all passwords are comprised of lowercase letters (it just makes the math easier).
为每个条目使用不同的盐意味着我不能使用相同的彩虹表(实际上,如果我有一个足够大的尺寸,我可以使用,但我们暂时忽略它).根据我的理解,这是盐的真正关键,因为要破解每个帐户,我必须重新发明轮子,可以说每个帐户.现在,如果我知道如何将正确的盐应用于密码以生成散列,我会这样做,因为盐实际上只是扩展了散列短语的长度/复杂性.所以我会减少我需要生成的可能组合的数量来知道"我的密码 + 盐从 13^26 到 8^26,因为我知道盐是什么.现在这使它变得更容易,但仍然非常困难.
Having a different salt for each entry means that I can't use the same rainbow table (actually technically I could if I had one of sufficient size, but let's ignore that for the moment). This is the real key to the salt from what I understand, because to crack every account I have to reinvent the wheel so to speak for each one. Now if I know how to apply the correct salt to a password to generate the hash, I'd do it because a salt really just extends the length/complexity of the hashed phrase. So I would be cutting the number of possible combinations I would need to generate to "know" I have the password + salt from 13^26 to 8^26 because I know what the salt is. Now that makes it easier, but still really hard.
所以加密盐.如果我知道盐是加密的,我不会先尝试解密(假设我知道它具有足够的加密级别).我会忽略它.回到前面的例子,我不会试图弄清楚如何解密它,而是生成一个更大的彩虹表,其中包含 13^26 的所有密钥.不知道盐肯定会减慢我的速度,但我认为它不会增加尝试首先破解盐加密的艰巨任务.这就是为什么我认为不值得.想法?
So onto encrypting the salt. If I know the salt is encrypted, I wouldn't try and decrypt (assuming I know it has a sufficient level of encryption) it first. I would ignore it. Instead of trying to figure out how to decrypt it, going back to the previous example I would just generate a larger rainbow table containing all keys for the 13^26. Not knowing the salt would definitely slow me down, but I don't think it would add the monumental task of trying to crack the salt encryption first. That's why I don't think it's worth it. Thoughts?
这是一个链接,描述了密码在蛮力攻击下可以保持多长时间:http://www.lockdown.co.uk/?pg=combi
Here is a link describing how long passwords will hold up under a brute force attack: http://www.lockdown.co.uk/?pg=combi
推荐答案
这里的答案是问问自己,你真正想要保护的是什么?如果有人可以访问您的数据库,那么他们就可以访问加密的盐,并且他们可能也可以访问您的代码.有了这些,他们能解密加密的盐吗?如果是这样,那么无论如何加密几乎毫无用处.盐确实是用来制作它的,因此如果它被入侵,就不可能形成一个彩虹表来一次性破解整个密码数据库.从这个角度来看,只要每个 salt 都是唯一的,没有区别,就需要对你的 salt 或每个密码的加密 salt 进行暴力攻击.
The answer here is to ask yourself what you're really trying to protect from? If someone has access to your database, then they have access to the encrypted salts, and they probably have access to your code as well. With all that could they decrypt the encrypted salts? If so then the encryption is pretty much useless anyway. The salt really is there to make it so it isn't possible to form a rainbow table to crack your entire password database in one go if it gets broken into. From that point of view, so long as each salt is unique there is no difference, a brute force attack would be required with your salts or the encrypted salts for each password individually.
这篇关于为哈希隐藏盐的必要性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
