ASP.NET Identity 的默认密码哈希器 - 它是如何工作的，它是否安全? [英] ASP.NET Identity's default Password Hasher - How does it work and is it secure?

问题描述

我想知道 UserManager 是否足够安全?如果是这样，您能否向我解释它是如何工作的?

I am wondering wether the Password Hasher that is default implemented in the UserManager that comes with MVC 5 and ASP.NET Identity Framework, is secure enough? And if so, if you could explain to me how it works?

IPPasswordHasher 界面如下所示:

IPasswordHasher interface looks like this:

public interface IPasswordHasher
{
    string HashPassword(string password);
    PasswordVerificationResult VerifyHashedPassword(string hashedPassword, 
                                                       string providedPassword);
}

如您所见，它不需要加盐，但在此线程中提到:Asp.net Identity 密码散列"事实上，它确实在幕后加了盐.所以我想知道它是如何做到这一点的?这些盐是从哪里来的?

As you can see, it doesn't take a salt, but it is mentioned in this thread: "Asp.net Identity password hashing" that it does infact salt it behind the scenes. So I am wondering how does it do this? And where does this salt come from?

我担心的是 salt 是静态的，使其非常不安全.

My concern is that the salt is static, rendering it quite insecure.

推荐答案

这是默认实现的方式 (ASP.NET Framework 或 ASP.NET Core) 工作.它使用 密钥派生函数随机盐来产生散列.盐作为 KDF 输出的一部分包含在内.因此，每次散列"相同的密码时，您都会得到不同的散列值.为了验证散列，将输出拆分回盐和其余部分，并使用指定的盐对密码再次运行 KDF.如果结果与初始输出的其余部分匹配，则验证哈希.

Here is how the default implementation (ASP.NET Framework or ASP.NET Core) works. It uses a Key Derivation Function with random salt to produce the hash. The salt is included as part of the output of the KDF. Thus, each time you "hash" the same password you will get different hashes. To verify the hash the output is split back to the salt and the rest, and the KDF is run again on the password with the specified salt. If the result matches to the rest of the initial output the hash is verified.

哈希:

public static string HashPassword(string password)
{
    byte[] salt;
    byte[] buffer2;
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }
    using (Rfc2898DeriveBytes bytes = new Rfc2898DeriveBytes(password, 0x10, 0x3e8))
    {
        salt = bytes.Salt;
        buffer2 = bytes.GetBytes(0x20);
    }
    byte[] dst = new byte[0x31];
    Buffer.BlockCopy(salt, 0, dst, 1, 0x10);
    Buffer.BlockCopy(buffer2, 0, dst, 0x11, 0x20);
    return Convert.ToBase64String(dst);
}

验证:

public static bool VerifyHashedPassword(string hashedPassword, string password)
{
    byte[] buffer4;
    if (hashedPassword == null)
    {
        return false;
    }
    if (password == null)
    {
        throw new ArgumentNullException("password");
    }
    byte[] src = Convert.FromBase64String(hashedPassword);
    if ((src.Length != 0x31) || (src[0] != 0))
    {
        return false;
    }
    byte[] dst = new byte[0x10];
    Buffer.BlockCopy(src, 1, dst, 0, 0x10);
    byte[] buffer3 = new byte[0x20];
    Buffer.BlockCopy(src, 0x11, buffer3, 0, 0x20);
    using (Rfc2898DeriveBytes bytes = new Rfc2898DeriveBytes(password, dst, 0x3e8))
    {
        buffer4 = bytes.GetBytes(0x20);
    }
    return ByteArraysEqual(buffer3, buffer4);
}

这篇关于ASP.NET Identity 的默认密码哈希器 - 它是如何工作的，它是否安全?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！