如何使MD5更安全?还是真的有必要吗? [英] How can I make MD5 more secure? Or is it really necessary?

问题描述

我将用户名和密码存储在MySQL数据库中，并使用MD5对其进行哈希处理.但是，我只使用标准的PHP函数，而没有进行任何修改.现在，我读到MD5坏了.你最近怎么样您是通过不同的哈希机制运行几次还是添加某种形式的盐?

I'm storing username and password in a MySQL database and have them hashed using MD5. However, I'm only using the standard PHP function without any modification. Now, I read that MD5 is broken. How are you doing it? Do you run it several times through a different hash mechanism or add some form of salt?

推荐答案

我很惊讶人们如何跳入该死，它坏了，我不会用它！"的潮流，不要犯同样的错误

I'm amazed how people jump on the bandwagon of "damn, it's broken, I won't use it!", don't do the same mistake.

您无法使MD5更好.即使使用SHA-1，也容易遭受与MD5相同类型的攻击. 使用bcrypt将比MD5和SHA算法使用更多的CPU.

You can't make the MD5 better. Even using SHA-1 is vulnerable to same type of attacks as MD5. Using bcrypt will use A LOT more CPU than MD5 and SHA algorithms.

与SHA一样，MD5的设计速度也很快. bcrypt不是，它允许更多的排列，这使某人尝试解密原始字符串变得更加困难.

MD5 is designed to be fast, same as SHA. bcrypt isn't and it allows for more permutations, which makes it harder for someone to try to decrypt the original string.

您需要知道为什么MD5被认为是损坏的".

You need to know why MD5 is considered "broken".

• 因为它可以快速计算出长度不超过6个字符的彩虹密码表.

利用当今的计算能力，您可以创建一个字符数组，并将所有排列MD5映射到原始字符串.这就是您获得彩虹桌的方式.如果有人下载您的数据库，然后将密码与他们的Rainbow表进行比较-他们可以获得用户的原始密码.之所以如此危险，是因为人们在很多事情上都使用相同的密码-包括贝宝和其他货币处理服务.这就是为什么您使用所谓的盐.这使得获取原始字符串变得更加困难，因此，给用户的密码加盐(例如通过反转密码并用MD5反转输入的内容)将使攻击者更难将哈希还原为原始字符串.

Using today's computing power, one can create an array of characters and MD5 all permutations and map them to the original string. That's how you get a rainbow table. If someone downloads your database and then compares passwords to their rainbow table - they can obtain users' original password. Reason why this is dangerous is because people use same passwords for many things - including paypal and other money processing service. That's why you use so-called salt. That makes it even harder to obtain the original string, so salting your users' passwords (let's say by reversing them and MD5-ing the reversed input) will make it harder for the attacker to revert the hash to original string.

• 由于碰撞.

什么是碰撞?如果为哈希函数提供两个不同的字符串，并且它返回相同的哈希-这就是冲突.如何将其转换为登录的Web密码和哈希密码?如果您对user1/password1和user2/password2具有相同的哈希值-他们可以以其他人的身份登录.那就是冲突在安全中起作用的地方.

What's a collision? If you give hashing function two different strings and it returns the same hash - that's a collision. How does it translate to web and hashing passwords for logins? If you have the same hash for user1/password1 and user2/password2 - they could log on as someone else. That's where collisions play the role in security.

之所以将MD5视为损坏的原因是因为MD5对于百分比差异很小的字符串返回相同的哈希值.而且，计算该字符串可能是不容易的！ 从数学的角度来看-是的，它是残破的"，因为如果您的字符串有100个字符，并且与其他字符串相差10个字符(相差10％)，则您将获得相同的哈希值.

Reason why MD5 is considered broken is because MD5 returns same hash for strings that differ in small percentage. And it's not easy to calculate what that string might be! From mathematical point of view - yes, it's "broken" because if your string has 100 chars and it differs from other string in 10 chars (10% difference) - you get the same hash.

适用于MD5的内容适用于所有哈希算法.最后，它们全部没有无限可能的散列. 但是，其中一些(例如MD5)具有较少的散列，并且执行速度更快.

What applies for MD5 applies for ALL hashing algorithms. In the end, all of them don't have infinite number of possible hashes. However, some of them (like MD5) have less possible hashes and execute faster.

最后，如果有人进入您的数据库-与使用MD5而不是bcrypt或SHA1相比，您面临的问题更大.

In the end, if someone got to your database - you have a bigger problem than using MD5 instead of bcrypt or SHA1.

这篇关于如何使MD5更安全?还是真的有必要吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！