将sha1转换为bcrypt? [英] Convert sha1 to bcrypt?

问题描述

我有一个PHP应用程序，它的用户群有些不错.现在不幸的是，这些年来一直在使用sha1($ password.$ salt)，我真的想抛弃它，转而使用bcrypt.我已经找到了一些获取Blowfish哈希的好方法，但是我仍然不确定应该使用哪种转换方法.这是我的选择:

I have a PHP application that has a somewhat decent userbase. Now unfortunately, it has been using sha1($password . $salt) all these years and I really want to ditch that in favor of bcrypt. I have found some nice ways of getting a Blowfish hash, but I am still unsure about the conversion approach that I should use. Here are my options:

每次用户登录时，我都会检查哈希是否以$ 2开头.如果不是，我假设它是sha1，请使用用户输入的密码，为其获取bcrypt哈希，然后替换数据库中的旧哈希.

Every time a user logs in, I check if the hash starts with $2. If not, I assume it is sha1, take the password entered by the user, get the bcrypt hash for it and replace the old hash in the database.

我替换我的auth类来做到这一点:

I replace my auth class to do this:

$hash = password_hash("rasmuslerdorf", sha1($password . $salt));

那样，转换更快.

但是，老实说，我真的不喜欢这两种选择.两者都建议我仍要在代码库中保留要删除的旧版检查.

But honestly, I don't really like either of the options. Both suggest that I still keep a legacy check in the codebase which I want to get rid of.

从编码标准的角度来看，以上两个建议中哪一个更好?还是有人有更好的解决方案?

Any suggestions which of the above two are better from a coding standards point of view? Or does someone have a better solution?

推荐答案

每个密码存储系统都必须具有切换到更好的哈希算法的选项，您的问题不是您可能认为的一次性迁移问题.诸如BCrypt之类的良好密码哈希算法都有一个成本因素，您不时需要增加此成本因素(由于硬件速度更快)，然后需要与迁移相同的过程.

Every password-storing-system must have the option to switch to a better hash algorithm, your problem is not a one-time migration problem as you may think. Good password hash algorithms like BCrypt have a cost factor, from time to time you have to increase this cost factor (because of faster hardware), then you need the same procedure as you need for the migration.

您的Option1是一种方便的方法，只要哈希不是非常不安全的(无盐或非常弱的算法)即可.在PHP的新密码API 中，您甚至可以使用 password_needs_rehash()以确定是否有必要进行更新.

Your Option1 is a convenient approach, as long as the hashes are not terrible unsafe (unsalted or very weak algorithm). In PHP's new password API, you will even have a function password_needs_rehash() to determine whether an update is necessary.

我建议让代码中保留后备内容，这样您就可以避免客户使用无效密码来面对用户的麻烦.作为用户，我不喜欢要求单击链接并重新输入密码的电子邮件，因此，用户被告知由于网络钓鱼而忽略此类电子邮件.如前所述，代码中的此类后备还不错，这是获得安全密码处理的必要步骤.

I would recommend to let the fallback stay in the code, you will spare your customers the hassle of confront their users with an invalid password. As a user i don't like emails that demand to click a link and reenter my password, users are taught to ignore such email because of phishing. As said before, such fallbacks in the code are not bad, it is a necessary step to get a safe password handling.

这篇关于将sha1转换为bcrypt?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！