Salt是否需要随机设置以保护密码哈希? [英] Does salt need to be random to secure a password hash?

问题描述

我对安全性知之甚少(我需要找到基本知识的基本解释)，并且正在尝试提出一种合理的方法来使用.Net将用户密码存储在数据库中.

I know very little about security (I need to find a basic explanation of the basics) and am trying to come up with a reasonable way to store user passwords in a database using .Net.

这是我当前的解决方案:

Here's my current solution:

private static byte[] HashPassword(string password)
{
   using (var deriveBytes = new Rfc2898DeriveBytes(password, 10))
   {
      byte[] salt = deriveBytes.Salt;
      byte[] key  = deriveBytes.GetBytes(20);

      return salt.Concat(key).ToArray();  //Return Salt+Key
   }
}

我将HashPassword()的结果存储在数据库中. 要检查用户密码，请执行以下操作:

I store the results of HashPassword() in the database. To check a user's password I do this:

var salt = //1st  10 bytes stored in the DB
var key  = //Next 20 bytes stored in the DB 
using (var deriveBytes = new Rfc2898DeriveBytes(password, salt))
{
   byte[] newKey = deriveBytes.GetBytes(20);

   if (newKey.SequenceEqual(key) == false)  //Check if keys match
   {
      return "No Match";
   }
   else { return "Passwords match"; }

我的问题是，盐是否需要像这样随机存储在数据库中，或者是否可以生成10字节的盐并将其存储在我的代码中，并且始终使用相同的盐来保存自己的盐? DB并只存储密钥?

My question is if the salt needs to be random and stored in the DB like this or if I could generate a 10-byte salt and store it in my code and always use the same salt to save myself storing the salt in the DB and just store the key?

如果有人在我的工作中遇到任何其他问题，也请多多指教.

Also if anyone sees any other problems with what I'm doing I'd appreciate any advise.

推荐答案

我的问题是，盐是否需要像这样随机存储在数据库中，或者是否可以生成10字节的盐并将其存储在我的代码中，并始终使用相同的盐来保存自己的盐? DB并只存储密钥?

My question is if the salt needs to be random and stored in the DB like this or if I could generate a 10-byte salt and store it in my code and always use the same salt to save myself storing the salt in the DB and just store the key?

绝对不是.

即使您问这个问题，您也根本不了解盐的用途.

ABSOLUTELY NOT.

You don't understand at all the purpose of the salt if you're even asking that question.

salt的目的是使攻击者更加难以使用预先计算的哈希普通密码表.如果salt始终相同，则攻击者仅使用该salt预先计算哈希通用密码表.

The purpose of the salt is to make it arbitrarily more difficult for an attacker to use a precomputed table of hashed common passwords. If the salt is always the same then the attacker just precomputes a table of hashed common passwords with that salt.

让我说得更清楚.假设攻击者已经获取了您的密码数据库，并在闲暇时对所有存储的哈希发起攻击，以计算出与哈希对应的密码是什么.如果每种盐都不同，则攻击者必须对数据库中的每个每个条目发起新鲜攻击.如果每种盐都相同，那么攻击一个用户会攻击每个用户.

Let me make that more clear. Suppose an attacker has obtained your password database and is mounting an attack at her leisure against all the stored hashes to work out what the password corresponding to the hash is. If every salt is different then the attacker has to mount a fresh attack against every entry in the database. If every salt is the same then attacking one user attacks every user.

此外:假设您为每个用户使用相同的盐.假设两个用户具有相同的密码.并假设攻击者已经获得了密码数据库. 攻击者现在知道哪些两个用户具有相同的密码，因为他们具有相同的加盐哈希，并且可以合理地假设这是数据库中最弱的密码.攻击者可以将自己的努力(无论可能是什么)集中在特别攻击该用户上.而且，一旦她知道了用户的密码，就很有可能用户在 other 系统上使用了该用户名和弱密码，攻击者现在可以在没有密码的情况下破坏 文件.

Moreover: suppose you use the same salt for every user. Suppose two users have the same password. And suppose the attacker has obtained the password database. The attacker now knows which two users have the same password because they have the same salted hash and can make the reasonable assumption that this is the weakest password in the database. The attacker can concentrate her efforts (whatever those may be) on attacking that user in particular. And once she knows that user's password, odds are good that the user has used that user name and weak password on other systems, which the attacker can now compromise without having their password files.

您想了解安全性是一件好事；试图以自己的理解水平尝试编写一个真实的密码系统是很糟糕的.如果这是用于必须保护真实用户的真实系统，请使用专家构建的系统 ，或雇用自己的专家.您将要建立一个您不会崩溃的系统，而不是一个攻击者不会崩溃的系统.

It is good that you want to learn about security; it is bad that you're trying to write a real password system with your level of understanding. If this is for a real system that has to protect real users, use a system built by experts, or hire your own expert. You're going to make a system that you can't break, not a system that an attacker can't break.

此外:您正在互联网上向陌生人寻求安全性帮助.陌生人，您不知道他们是否知道自己在说什么或正在捏造东西. 找一个真正的安全专家(那不是不是我-我是语义分析器专家).建立安全系统是目前最艰巨的编程任务之一.您需要专业的帮助.

Moreover: you are asking strangers on the internet for help with security. Strangers who you have no idea whether they know what they're talking about or are just making stuff up. Get a real security expert (and that is not me -- I'm an expert on semantic analyzers). Building a security system is one of the hardest programming tasks there is; you need professional help.

有关基本密码验证方案的简要介绍，请参阅我的系列文章:

For a gentle introduction to basic password authentication schemes, see my series of articles:

http://blogs.msdn.com/b/ericlippert/archive/tags/salt/

这篇关于Salt是否需要随机设置以保护密码哈希?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！