Client side password hash versus plain text


Question

I'm putting together an android client (and possibly in the future iOS, web portal, etc) and php mysql server. Server side I am currently using the PHPass library to hash and salt the incoming passwords.

Should I make the client send plain text passwords over HTTPS/SSL or should the client do some form of hashing first. For example should every client simply sha1 (or some other algorithm) every outgoing password?

Accepted answer

Most websites will send the password plain-text over an encrypted connection (SSL/HTTPS). Hashing the password client-side can be done, but the advantage is small, and client-side languages (JavaScript) are often slow, so you can calculate fewer rounds in the same time, which weakens the hash. In every case the server must calculate a hash as well to be safe.

The advantage is small, because if an attacker can do a man-in-the-middle attack, he can also modify/remove the script (JS) which does the hashing. Only an encrypted connection with SSL/HTTPS can protect against a MITM attack, so you need SSL anyway.

In your case with an app, it looks slightly different. Because the user first has to install your software, there is no need to send a script to the client, so a MITM cannot modify this script. Moreover, the app can calculate the hash relatively fast (if it can run native code) and therefore can do enough rounds on client-side.

This is what I would do:

  1. For convenience, send the plain-text password over an encrypted SSL/HTTPS connection and calculate the slow BCrypt hash server-side, as you do now.
  2. Only if the load on the server becomes too heavy, shift the calculation of the slow BCrypt hash to the client app. Still send the hash over HTTPS, and then calculate an additional fast hash (e.g. SHA-256) on the server. This is more complicated, because you have to exchange and store the salt separately.
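The second option above (slow hash on the client, cheap hash on the server, salt stored and handed out by the server) as a worked example. This is added illustration code, not code from the question or the answer; the PBKDF2-HMAC-SHA256 call stands in for BCrypt so the example runs with only the Python standard library, the in-memory `USERS` table and the `client_*` / `server_*` function names are assumptions, and the HTTPS transport is modelled as plain function calls.

```python
"""Client-side slow hash, server-side fast hash (added example)."""
import hashlib
import hmac
import os
from typing import Dict, Optional

# Work factor of the client-side slow hash. The answer proposes BCrypt; PBKDF2
# is substituted here (assumption) so the example needs no third-party package.
SLOW_ROUNDS = 100_000

# Constructed in-memory user table: username -> {"salt": ..., "verifier": ...}.
# The server has to keep the salt, because the client needs it before hashing.
USERS: Dict[str, Dict[str, bytes]] = {}


def client_slow_hash(password: str, salt: bytes) -> bytes:
    """Client side: the expensive, salted hash (BCrypt stand-in)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, SLOW_ROUNDS)


def server_fast_hash(client_hash: bytes) -> bytes:
    """Server side: cheap SHA-256 over what the client sent. Without this extra
    step the stored row itself would be the login credential (pass-the-hash)."""
    return hashlib.sha256(client_hash).digest()


def server_register(username: str, salt: bytes, client_hash: bytes) -> None:
    """Store the salt and the fast hash of the client's slow hash, never the
    client hash itself."""
    USERS[username] = {"salt": salt, "verifier": server_fast_hash(client_hash)}


def server_get_salt(username: str) -> Optional[bytes]:
    """Salt lookup endpoint (this is the 'exchange the salt separately' part).
    Returns None for unknown users; a production service would answer with a
    stable fake salt instead, so the endpoint cannot be used to enumerate users."""
    rec = USERS.get(username)
    return rec["salt"] if rec else None


def server_login(username: str, client_hash: bytes) -> bool:
    """Re-apply the fast hash and compare in constant time."""
    rec = USERS.get(username)
    if rec is None:
        return False
    return hmac.compare_digest(rec["verifier"], server_fast_hash(client_hash))


def client_register(username: str, password: str) -> None:
    """Client picks a fresh random salt per account and sends it with the hash."""
    salt = os.urandom(16)
    server_register(username, salt, client_slow_hash(password, salt))


def client_login(username: str, password: str) -> bool:
    """Fetch the salt, do the slow work locally, send only the hash."""
    salt = server_get_salt(username)
    if salt is None:
        return False
    return server_login(username, client_slow_hash(password, salt))


if __name__ == "__main__":
    client_register("alice", "correct horse battery staple")
    print("right password:", client_login("alice", "correct horse battery staple"))
    print("wrong password:", client_login("alice", "Tr0ub4dor&3"))
    # A leaked database row is not a usable credential, because the server
    # hashes whatever it receives before comparing.
    print("replaying stored verifier:", server_login("alice", USERS["alice"]["verifier"]))
```

The only thing the server does on the hot path is one SHA-256 and a constant-time compare, which is what moves the CPU cost to the client; the price is the extra salt round trip and the need to keep the salt server-side.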

