ASP.NET身份默认的密码散列器，它是如何工作的，并且它的安全？ [英] ASP.NET Identity default Password Hasher, how does it work and is it secure?

问题描述

我想知道羯羊密码散列器是默认在实施的UserManager 自带的MVC 5和ASP.NET身份框架，是足够安全？如果是这样，如果你能向我解释它是如何工作？

I am wondering wether the Password Hasher that is default implemented in the UserManager that comes with MVC 5 and ASP.NET Identity Framework, is secure enough? And if so, if you could explain to me how it works?

IPasswordHasher界面看起来是这样的：

IPasswordHasher interface looks like this:

public interface IPasswordHasher
{
    string HashPassword(string password);
    PasswordVerificationResult VerifyHashedPassword(string hashedPassword, 
                                                       string providedPassword);
}

正如你所看到的，它并不需要盐，但它在这个线程提到：的 Asp.net身份密码哈希
 它确实逸岸盐它在幕后。所以，我想知道它是如何做到这一点？而其中，这是否盐从何而来？

As you can see, it doesn't take a salt, but it is mentioned in this thread: "Asp.net Identity password hashing" that it does infact salt it behind the scenes. So I am wondering how does it do this? And where does this salt come from?

我担心的是，盐是静态的，使得它非常不安全的。

My concern is that the salt is static, rendering it quite insecure.

推荐答案

下面是怎样的默认实现的作品。它采用了密钥推导函数的随机盐，以产生哈希值。该盐被包括作为KDF的输出的一部分。因此，每次HASH时相同的密码，你会得到不同的哈希值。验证输出被分割回盐，其余的散列，并且KDF是具有指定盐密码重新运行。如果结果匹配到初始输出检验了散列的其余部分。

Here is how the default implementation works. It uses a Key Derivation Function with random salt to produce the hash. The salt is included as part of the output of the KDF. Thus, each time you "hash" the same password you will get different hashes. To verify the hash the output is split back to the salt and the rest, and the KDF is run again on the password with the specified salt. If the result matches to the rest of the initial output the hash is verified.

散列：

public static string HashPassword(string password)
{
    byte[] salt;
    byte[] buffer2;
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }
    using (Rfc2898DeriveBytes bytes = new Rfc2898DeriveBytes(password, 0x10, 0x3e8))
    {
        salt = bytes.Salt;
        buffer2 = bytes.GetBytes(0x20);
    }
    byte[] dst = new byte[0x31];
    Buffer.BlockCopy(salt, 0, dst, 1, 0x10);
    Buffer.BlockCopy(buffer2, 0, dst, 0x11, 0x20);
    return Convert.ToBase64String(dst);
}

验证：

public static bool VerifyHashedPassword(string hashedPassword, string password)
{
    byte[] buffer4;
    if (hashedPassword == null)
    {
        return false;
    }
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }
    byte[] src = Convert.FromBase64String(hashedPassword);
    if ((src.Length != 0x31) || (src[0] != 0))
    {
        return false;
    }
    byte[] dst = new byte[0x10];
    Buffer.BlockCopy(src, 1, dst, 0, 0x10);
    byte[] buffer3 = new byte[0x20];
    Buffer.BlockCopy(src, 0x11, buffer3, 0, 0x20);
    using (Rfc2898DeriveBytes bytes = new Rfc2898DeriveBytes(password, dst, 0x3e8))
    {
        buffer4 = bytes.GetBytes(0x20);
    }
    return ByteArraysEqual(buffer3, buffer4);
}

这篇关于ASP.NET身份默认的密码散列器，它是如何工作的，并且它的安全？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！