BCrypt says long, similar passwords are equivalent - problem with me, the gem, or the field of cryptography?


Question


I've been experimenting with BCrypt, and found the following. If it matters, I'm running ruby 1.9.2dev (2010-04-30 trunk 27557) [i686-linux]

require 'bcrypt' # bcrypt-ruby gem, version 2.1.2

@long_string_1 = 'f287ed6548e91475d06688b481ae8612fa060b2d402fdde8f79b7d0181d6a27d8feede46b833ecd9633b10824259ebac13b077efb7c24563fce0000670834215'
@long_string_2 = 'f6ebeea9b99bcae4340670360674482773a12fd5ef5e94c7db0a42800813d2587063b70660294736fded10217d80ce7d3b27c568a1237e2ca1fecbf40be5eab8'

def salted(string)
  @long_string_1 + string + @long_string_2
end

encrypted_password = BCrypt::Password.create(salted('password'), :cost => 10)
puts encrypted_password #=> $2a$10$kNMF/ku6VEAfLFEZKJ.ZC.zcMYUzvOQ6Dzi6ZX1UIVPUh5zr53yEu

password = BCrypt::Password.new(encrypted_password)

puts password.is_password?(salted('password')) #=> true
puts password.is_password?(salted('passward')) #=> true
puts password.is_password?(salted('75747373')) #=> true
puts password.is_password?(salted('passwor')) #=> false


At first I thought that once the passwords got to a certain length, the dissimilarities would just be lost in all the hashing, and only if they were very dissimilar (i.e. a different length) would they be recognized as different. That didn't seem very plausible to me, from what I know of hash functions, but I didn't see a better explanation.


Then, I tried shortening each of the long_strings to see where BCrypt would start being able to tell them apart, and I found that if I shortened each of the long strings to 100 characters or so, the final attempt ('passwor') would start returning true as well. So now I don't know what to think.

What is the explanation for this?

Answer


The good news is, the mathematical foundations of encryption haven't been dissolved. :)


The bad news is that there's an 8-bit key length limit in bcrypt.c which is silently failing:

uint8_t key_len, salt_len, logr, minor;

然后:

key_len = strlen(key) + (minor >= 'a' ? 1 : 0);


What you're passing in for encryption is 263 characters, but it winds up thinking it's only 8. So you're getting comparisons on only the very first part of the strings.


However, it works fine for me when I pare down the length of the long_strings, so if you actually do get a problem in the sub-255-total range, that may be related to something else.
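The following is an added example, not code from the question or from the bcrypt gem. It models the two things that decide which bytes of the input bcrypt actually hashes, so that the asker's results can be predicted without running bcrypt at all: the `uint8_t` wrap of `strlen(key) + 1` quoted in the answer, and the fact (a documented property of bcrypt that the answer does not mention) that the Blowfish key schedule only ever absorbs 72 bytes, cycling over `key[0...key_len]`. Lengths below are computed from the two long strings exactly as posted in the question. The function names, the assumption that the key is passed as a NUL-terminated C string, and the shortened-prefix helper are all mine.

```ruby
# Added example, not code from the question or from the bcrypt gem.
#
# Assumptions (stated as such):
#   * key_len = strlen(key) + 1 (the "+1" applies to "$2a$" hashes, as the
#     answer's C snippet shows) is stored in a uint8_t, so it wraps mod 256.
#   * bcrypt's Blowfish key schedule reads exactly 72 bytes (18 x 32-bit
#     P-array words), cycling through key[0...key_len]. Bytes beyond that
#     never influence the hash. This 72-byte limit is a known property of
#     bcrypt, not something the answer states.

KEY_STREAM_BYTES = 72

# The two 128-character strings from the question, verbatim.
LONG_STRING_1 = 'f287ed6548e91475d06688b481ae8612fa060b2d402fdde8f79b7d0181d6a27d8feede46b833ecd9633b10824259ebac13b077efb7c24563fce0000670834215'
LONG_STRING_2 = 'f6ebeea9b99bcae4340670360674482773a12fd5ef5e94c7db0a42800813d2587063b70660294736fded10217d80ce7d3b27c568a1237e2ca1fecbf40be5eab8'

# Same construction as the question's salted(), with optional shortening of
# the two long strings (the asker's "100 characters or so" experiment).
def salted(string, prefix_len = LONG_STRING_1.length, suffix_len = LONG_STRING_2.length)
  LONG_STRING_1[0, prefix_len] + string + LONG_STRING_2[0, suffix_len]
end

# strlen(key) + 1, truncated to eight bits as a uint8_t would store it.
def effective_key_len(key)
  (key.bytesize + 1) & 0xFF
end

# The 72 bytes Blowfish actually absorbs: key[0...key_len] repeated, where
# "key" is the C string including its terminating NUL byte.
def key_stream(key)
  len = effective_key_len(key)
  raise ArgumentError, "key_len wrapped to 0 for a #{key.bytesize}-byte key" if len.zero?

  bytes = key.b.bytes << 0 # append the NUL terminator
  Array.new(KEY_STREAM_BYTES) { |i| bytes[i % len] }.pack('C*')
end

# Two inputs produce the same bcrypt hash (for the same salt and cost)
# exactly when the key schedule sees the same 72 bytes.
def same_bcrypt_key?(a, b)
  key_stream(a) == key_stream(b)
end

# Sanity check before hashing: every byte of the input is used and no wrap
# can occur only if it (plus the NUL) fits within both limits.
def within_bcrypt_limits?(key)
  key.bytesize <= KEY_STREAM_BYTES && key.bytesize + 1 < 256
end

if __FILE__ == $PROGRAM_NAME
  reference = salted('password')
  puts "effective key_len for salted('password'): #{effective_key_len(reference)}"
  %w[password passward 75747373 passwor].each do |guess|
    puts "#{guess.ljust(9)} full prefixes:     #{same_bcrypt_key?(reference, salted(guess))}"
  end

  short_ref = salted('password', 100, 100)
  %w[password passwor].each do |guess|
    puts "#{guess.ljust(9)} 100-char prefixes: #{same_bcrypt_key?(short_ref, salted(guess, 100, 100))}"
  end

  puts "reference within bcrypt limits? #{within_bcrypt_limits?(reference)}"
end
```

With the full 128-character strings, every 8-character guess gives a 264-byte key whose `uint8_t` length wraps to 9, so the key schedule sees only `f287ed654` repeated; `passwor` is one byte shorter, wraps to 8, and yields a different stream, which is why it alone compares false. With the strings cut to 100 characters nothing wraps, but the 72 bytes that matter all come from the prefix, so even `passwor` compares true. `within_bcrypt_limits?` is the check to run on anything you intend to feed bcrypt: the salted construction in the question fails it on both counts.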
