Best way for hashing a "remember me" cookie token


Problem description



I'm trying to implement a "remember me" feature, following the guidelines provided here: The Definitive Guide To Forms based Website Authentication, and here: http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/

It appears that the "cookie token" should be hashed when stored in DB (if an attacker has access to DB, unhashed tokens look like plain login/passwords, allowing to log in on the website).

Looking for a good hashing algorithm, I've found this recommended technique using bcrypt: http://stackoverflow.com/a/6337021/488666

I've tried it and found that the number of rounds proposed (15) leads to a very slow processing time (hash 2.3 s + verify 2.3 s on an Intel Core 2 Duo E8500 + 4 GB RAM).

I know that hashing algorithms should be relatively slow to hamper attackers, but at that level it hampers users' use of the website :)

Do you think that less rounds (e.g. 7, which drops processing time to 10ms + 10ms) will be enough?

Solution

Quoting The Definitive Guide To Forms based Website Authentication:

DO NOT STORE THE PERSISTENT LOGIN COOKIE (TOKEN) IN YOUR DATABASE, ONLY A HASH OF IT! The login token is Password Equivalent, so if an attacker got his hands on your database, he could use the tokens to log in to any account, just as if they were cleartext login-password combinations. Therefore, use strong salted hashing (bcrypt / phpass) when storing persistent login tokens.

I agree with the first bold sentence, but not the last one.

If I'm not mistaken, the purpose of a "strong salted hashing" algorithm is that someone should not be able to retrieve passwords given a rainbow table.

But here, the hashed string is not a password but a random string. Therefore it's pretty unlikely that any rainbow table would be able to retrieve any originally hashed string. I even guess that I simply could use a basic hash('sha256', $randomString) call for this, the goal being to have different values for the token in the DB and in the cookie.
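As an added illustration of the answer's point, not code from the question or the answer, here is a Python version of the scheme (the question is PHP, but the logic is the same): a 256-bit random token goes into the cookie, only its plain SHA-256 digest is stored, and lookup is done by that digest. The function names, record layout and 30-day lifetime are assumptions.

```python
import hashlib
import hmac
import secrets

TOKEN_BYTES = 32  # 256 bits of entropy: neither brute force nor a rainbow table is feasible


def issue_token(user_id: int, now: float, ttl_seconds: int = 30 * 24 * 3600):
    """Create a fresh remember-me token.

    Returns (cookie_value, db_record). Only the hash goes into the DB; the raw
    token exists only in the cookie, which is what the quoted guide demands.
    A fast, unsalted hash is enough here because the input is random, not a
    user-chosen password; it also lets the DB look rows up by token_hash,
    which a per-row bcrypt salt would make impossible.
    """
    raw = secrets.token_bytes(TOKEN_BYTES)
    cookie_value = raw.hex()
    db_record = {
        "user_id": user_id,                                  # assumed record layout
        "token_hash": hashlib.sha256(raw).hexdigest(),
        "expires_at": now + ttl_seconds,
    }
    return cookie_value, db_record


def lookup_user(cookie_value: str, records: list, now: float):
    """Resolve a cookie value to a user id, or None when it is unknown or expired.

    `records` stands in for a DB table; a real implementation would query
    WHERE token_hash = ? instead of scanning. Hashing costs microseconds, so
    there is no user-visible delay, unlike bcrypt with 15 rounds.
    """
    try:
        raw = bytes.fromhex(cookie_value)
    except ValueError:
        return None
    if len(raw) != TOKEN_BYTES:  # reject malformed or truncated cookies early
        return None
    candidate = hashlib.sha256(raw).hexdigest()
    for rec in records:
        # constant-time compare: harmless here, but a good habit for any secret
        if hmac.compare_digest(candidate, rec["token_hash"]) and rec["expires_at"] > now:
            return rec["user_id"]
    return None
```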
