bcrypt/Bcrypt.net strength and alternatives

Question

OK, after a LOT of research, I've settled on using bcrypt (feel free to comment) to hash and store passwords in my PhoneGap app.

A few days ago I stumbled upon Bcrypt.net and it seems 'good enough' to me (again, feel free to comment). So, my question is: what other alternative implementations of bcrypt are available in C#? Are there any SERIOUS flaws in the implementation of Bcrypt.net?

My security model is basically going to look like this:

1. User enters his PIN/password/passphrase on the client
2. This is sent to my .net app over secure SSL (so basically sent in plaintext from the client)
3. Use a library like bcrypt.net to hash the password and do the storage/comparison

Is there anything else that I really need to consider here?

Any help will be greatly appreciated.

Answer

Glad to see somebody here who did some research.

I haven't seen any good reasons why you should not use bcrypt. In general, using either bcrypt, PBKDF2 or scrypt on the server provides a good layer of security.

As always, the devil is in the details. You certainly require SSL, if possible TLS 1.2 using AES encryption. If you cannot do this, make sure you don't allow much else than username/password + necessary HTML in your connection.

You should make a decision on the character encoding of the password. I would advise UTF-8, possibly narrowed down to printable ASCII characters. Either document the character encoding used or store it somewhere in the configuration.

Try to store all input parameters to bcrypt together with the "hashed" password. Certainly don't forget the iteration count. This makes it easier to upgrade to a higher iteration count when the user enters his/her password later on. You need to generate a secure random salt of 8-16 bytes to store with the password.

In addition, you may want to apply an additional KBKDF (key-based key derivation scheme) to the output of any of the above PBKDFs. This makes it possible to use the output of bcrypt for additional keys etc. KBKDFs work on data with enough entropy, so generally they take little time (e.g. use a NIST SP 800-108 compatible counter mode KDF). I guess this should be considered "expert mode".
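The following is an added example, not code from the question, the answer or the Bcrypt.net project, showing the advice in the answer above in C#: a fixed character-encoding decision, bcrypt via Bcrypt.net with the cost and 128-bit random salt stored inside the hash string, transparent re-hashing at login when a stored record has a lower cost than current policy, and a NIST SP 800-108 counter-mode KDF (HMAC-SHA256) layered on a second bcrypt output to derive further keys. It assumes the BCrypt.Net-Next NuGet package (namespace BCrypt.Net) and .NET 6 or later; the class names (PasswordStore, Sp800_108, Demo), the cost values, the 72-byte length check and the KDF label "vault-encryption" and context "user:42" are my own choices for illustration. It goes one step beyond the answer by also parsing the cost back out of the stored string, which is what makes the upgrade-on-login path possible.

```csharp
// Added example (not from the original post). Assumes the BCrypt.Net-Next NuGet package
// (namespace BCrypt.Net) and .NET 6+; the class and method names here are my own.
using System;
using System.Security.Cryptography;
using System.Text;

public static class PasswordStore
{
    // Policy cost for new hashes; raise over time, VerifyAndMaybeUpgrade() re-hashes at login.
    public const int CurrentWorkFactor = 12;

    // Fix the encoding once: NFC + UTF-8 (Bcrypt.Net encodes UTF-8); bcrypt uses only 72 bytes.
    public static string Canonicalise(string password)
    {
        string normalised = password.Normalize(NormalizationForm.FormC);
        if (Encoding.UTF8.GetByteCount(normalised) > 72)
            throw new ArgumentException("password exceeds bcrypt's 72-byte limit");
        return normalised;
    }

    // The "$2a$12$<22-char salt><31-char hash>" string stores version, cost and 128-bit salt.
    public static string Hash(string password)
        => BCrypt.Net.BCrypt.HashPassword(Canonicalise(password), CurrentWorkFactor);

    // Read the cost back out of a stored hash (the field between the 2nd and 3rd '$').
    public static int WorkFactorOf(string storedHash)
    {
        string[] parts = storedHash.Split('$');
        if (parts.Length < 4 || !parts[1].StartsWith("2"))
            throw new FormatException("not a bcrypt modular-crypt string");
        return int.Parse(parts[2]);
    }

    // Verify; if the record used a lower cost than policy, return a fresh hash to persist.
    public static bool VerifyAndMaybeUpgrade(string password, string storedHash, out string? upgradedHash)
    {
        upgradedHash = null;
        string canon = Canonicalise(password);
        if (!BCrypt.Net.BCrypt.Verify(canon, storedHash)) return false;
        if (WorkFactorOf(storedHash) < CurrentWorkFactor)
            upgradedHash = BCrypt.Net.BCrypt.HashPassword(canon, CurrentWorkFactor);
        return true;
    }
}

public static class Sp800_108
{
    // NIST SP 800-108 KDF in counter mode with HMAC-SHA256 as the PRF:
    //   K(i) = HMAC(Kin, [i]_4 || Label || 0x00 || Context || [L]_4), i = 1..n,
    // counter i and output bit length L both encoded as big-endian 32-bit values.
    public static byte[] DeriveKey(byte[] keyIn, string label, byte[] context, int lengthBytes)
    {
        const int hashLen = 32;
        int blocks = (lengthBytes + hashLen - 1) / hashLen;
        byte[] labelBytes = Encoding.UTF8.GetBytes(label);
        byte[] fixedInput = new byte[4 + labelBytes.Length + 1 + context.Length + 4];
        Buffer.BlockCopy(labelBytes, 0, fixedInput, 4, labelBytes.Length); // 0x00 separator follows
        Buffer.BlockCopy(context, 0, fixedInput, 5 + labelBytes.Length, context.Length);
        WriteBigEndian(fixedInput, fixedInput.Length - 4, (uint)(lengthBytes * 8));
        byte[] output = new byte[blocks * hashLen];
        using var prf = new HMACSHA256(keyIn);
        for (int i = 1; i <= blocks; i++)
        {
            WriteBigEndian(fixedInput, 0, (uint)i);
            Buffer.BlockCopy(prf.ComputeHash(fixedInput), 0, output, (i - 1) * hashLen, hashLen);
        }
        Array.Resize(ref output, lengthBytes);
        return output;
    }

    private static void WriteBigEndian(byte[] buf, int offset, uint value)
    {
        buf[offset] = (byte)(value >> 24); buf[offset + 1] = (byte)(value >> 16);
        buf[offset + 2] = (byte)(value >> 8); buf[offset + 3] = (byte)value;
    }
}

public static class Demo
{
    public static void Main()
    {
        const string pw = "correct horse battery staple";
        // Simulate a record written when policy was cost 10, then log in against it.
        string oldRecord = BCrypt.Net.BCrypt.HashPassword(pw, 10);
        bool ok = PasswordStore.VerifyAndMaybeUpgrade(pw, oldRecord, out string? upgraded);
        Console.WriteLine($"login ok: {ok}; cost {PasswordStore.WorkFactorOf(oldRecord)} -> " +
                          (upgraded == null ? "no re-hash" : $"re-hashed at cost {PasswordStore.WorkFactorOf(upgraded)}"));

        // "Expert mode": derive a further key. Never feed the stored verifier hash in; run bcrypt
        // again with a second, separately stored salt. The 31-char tail is the 184-bit bcrypt output.
        string kdfSalt = BCrypt.Net.BCrypt.GenerateSalt(PasswordStore.CurrentWorkFactor);
        string kdfHash = BCrypt.Net.BCrypt.HashPassword(PasswordStore.Canonicalise(pw), kdfSalt);
        byte[] keyIn = Encoding.ASCII.GetBytes(kdfHash.Substring(kdfHash.Length - 31));
        byte[] encKey = Sp800_108.DeriveKey(keyIn, "vault-encryption", Encoding.UTF8.GetBytes("user:42"), 32);
        Console.WriteLine($"derived key: {Convert.ToHexString(encKey)}");
    }
}
```

Two design points worth noting. Because the cost lives inside the stored string, raising CurrentWorkFactor needs no migration: each user is re-hashed the next time they log in, and the caller simply persists the value handed back in upgradedHash. For the KBKDF step the input must not be the same value that sits in the credential table, otherwise whoever reads the table holds the derived keys too; the second bcrypt run with its own salt is what keeps the verifier and the key material separate, and kdfSalt then has to be stored alongside the record.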

