Safely storing a password locally


Question

I am making a program in C that allows the user to register and log in. When the user registers I want to save his username and password in a file.

As I understood it, the best way of doing so is adding a random salt to the end of the password and then storing a secure hash (SHA-1 for example) of the salted password.

My question is: if I locally store the username, hash and salt in the text file, what prevents an attacker from just changing the hash and salt in the file to his own SHA-1 hash with his own salt and then logging in using his new password?
Thanks.

Answer

It depends on whether the attacker has access only to this password file, or to the executable as well. In the latter case you can only make it harder to exchange the hashes, but you cannot entirely prevent it.

For the first case, one can use an HMAC to verify the stored hash:

  1. Your application contains a strong secret key and uses this key to calculate an HMAC of the hash.
  2. This HMAC can be stored in the file together with the password hash.
  3. When reading the hash for verification, the software calculates the HMAC again and compares it with the stored HMAC.

An attacker won't be able to produce the correct HMAC for his own hashes, as long as he doesn't know the secret key in your application. So what we gain is that the password file cannot be altered except by your application; the security is concentrated in the key of your application. The same can be achieved with encrypting/decrypting the password file.

P.S. Please do not use SHA-* to store passwords; instead use a hash function with a cost factor like BCrypt, PBKDF2 or SCrypt.
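The three-step scheme from the answer, together with the attack from the question, as an added worked example (not code from the answerer or the asker). The question is about a C program, but Python is used here because its standard library ships both `hmac` and `hashlib.pbkdf2_hmac`, so the scheme can be shown end to end without an external crypto library. The key `APP_KEY`, the record layout `user:iterations:salt:hash:mac`, and all function names are assumptions made for this example. The MAC deliberately covers every field (username and iteration count included), not just the hash, so that an attacker cannot swap records between users or lower the cost factor; the check runs before the password comparison, so a rewritten record is rejected even when the attacker supplies the password he wrote into it.

```python
import hashlib
import hmac
import secrets

# Constructed demo key (32 random bytes). In the answer's scheme this secret
# is held by the application, never written next to the password file.
APP_KEY = bytes.fromhex(
    "4f2a7c9e1b3d5f70829a4c6e8d0b1f3a5c7e9b2d4f6a8c0e1b3d5f7a9c0e2b4d"
)

# Iteration count kept modest so the demo runs fast; raise it in production
# (OWASP's guidance for PBKDF2-HMAC-SHA256 is 600,000).
ITERATIONS = 100_000
SALT_LEN = 16
SEP = ":"   # field separator in the password file


def hash_password(password: str, salt: bytes, iterations: int) -> bytes:
    """Salted, slow password hash (PBKDF2-HMAC-SHA256), as the P.S. recommends."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def record_mac(key: bytes, username: str, iterations: int, salt: bytes, pw_hash: bytes) -> bytes:
    """HMAC-SHA256 over every field, so swapping the salt, the hash or the
    iteration count (a downgrade attempt) invalidates the record."""
    msg = "|".join([username, str(iterations), salt.hex(), pw_hash.hex()]).encode("utf-8")
    return hmac.new(key, msg, hashlib.sha256).digest()


def make_record(key: bytes, username: str, password: str, iterations: int = ITERATIONS) -> str:
    """Build one line for the password file: user:iters:salt:hash:mac (hex fields)."""
    if not username or SEP in username or "|" in username:
        raise ValueError("username must be non-empty and contain no ':' or '|'")
    salt = secrets.token_bytes(SALT_LEN)
    pw_hash = hash_password(password, salt, iterations)
    mac = record_mac(key, username, iterations, salt, pw_hash)
    return SEP.join([username, str(iterations), salt.hex(), pw_hash.hex(), mac.hex()])


def parse_record(line: str):
    """Split a line back into its fields; raises ValueError on any malformed field."""
    username, iters, salt_hex, hash_hex, mac_hex = line.strip().split(SEP)
    return username, int(iters), bytes.fromhex(salt_hex), bytes.fromhex(hash_hex), bytes.fromhex(mac_hex)


def check_login(key: bytes, lines, username: str, password: str) -> str:
    """Returns 'ok', 'bad-password', 'tampered' or 'no-such-user'.
    The MAC is verified before the password, so a modified record is rejected
    even if the attacker knows the password he wrote into it."""
    for line in lines:
        if line.split(SEP, 1)[0] != username:
            continue
        try:
            rec_user, iterations, salt, pw_hash, mac = parse_record(line)
        except ValueError:
            return "tampered"
        expected = record_mac(key, rec_user, iterations, salt, pw_hash)
        if not hmac.compare_digest(expected, mac):
            return "tampered"
        candidate = hash_password(password, salt, iterations)
        if hmac.compare_digest(candidate, pw_hash):
            return "ok"
        return "bad-password"
    return "no-such-user"


def attacker_forge(line: str, new_password: str) -> str:
    """The attack from the question: rewrite salt and hash for a password the
    attacker knows, without knowing APP_KEY (the old MAC is left in place)."""
    username, iterations, _salt, _hash, mac = parse_record(line)
    salt = secrets.token_bytes(SALT_LEN)
    pw_hash = hash_password(new_password, salt, iterations)
    return SEP.join([username, str(iterations), salt.hex(), pw_hash.hex(), mac.hex()])


if __name__ == "__main__":
    # Constructed "password file" with one record.
    password_file = [make_record(APP_KEY, "alice", "correct horse battery staple")]
    print(check_login(APP_KEY, password_file, "alice", "correct horse battery staple"))  # ok
    print(check_login(APP_KEY, password_file, "alice", "wrong"))                         # bad-password
    forged_file = [attacker_forge(password_file[0], "attacker-chosen")]
    print(check_login(APP_KEY, forged_file, "alice", "attacker-chosen"))                 # tampered
```

As the answer notes, this only holds while `APP_KEY` stays secret: an attacker who can read the executable (or wherever the key is kept) can recompute the MAC for his own record, so the key should live somewhere the password file's attacker cannot reach, such as an OS key store, rather than as a literal in the binary.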
