Recommended hash for passwords in ASP Classic

Question

What is the slowest (therefore best) hash algorithm for passwords in ASP Classic?

For those unaware, when hashing passwords, slower hashes are preferred to faster to help slow rainbow table style attacks.

And yes, of course speed isn't the only valid concern for hash selection. My question assumes that all other things being equal, the slowest hash method is preferred when hashing a password. Though collision/reverse engineering is of course a concern too, I'm prioritizing speed in this question since it is arguably the most critical factor to consider when comparing popular hash algorithms for use on passwords.

Thanks!

Recommended answer

A lot of people seem to be beating on the question-asker because he's looking for a slow hash function. Actually, all other aspects being equal, a slower hash function is more secure than a fast one. This is because a slower hash function results in slower generation of rainbow tables and slower brute forcing or dictionary attacks on the password.

From Thomas Ptacek at http://www.securityfocus.com/blogs/262, as referenced in this Coding Horror article:

The problem is that MD5 is fast. So are its modern competitors, like SHA1 and SHA256. Speed is a design goal of a modern secure hash, because hashes are a building block of almost every cryptosystem, and usually get demand-executed on a per-packet or per-message basis.

Speed is exactly what you don't want in a password hash function.

Modern password schemes are attacked with incremental password crackers.

Incremental crackers don’t precalculate all possible cracked passwords. They consider each password hash individually, and they feed their dictionary through the password hash function the same way your PHP login page would. Rainbow table crackers like Ophcrack use space to attack passwords; incremental crackers like John the Ripper, Crack, and LC5 work with time: statistics and compute.

The password attack game is scored in time taken to crack password X. With rainbow tables, that time depends on how big your table needs to be and how fast you can search it. With incremental crackers, the time depends on how fast you can make the password hash function run.

The better you can optimize your password hash function, the faster your password hash function gets, the weaker your scheme is. MD5 and SHA1, even conventional block ciphers like DES, are designed to be fast. MD5, SHA1, and DES are weak password hashes. On modern CPUs, raw crypto building blocks like DES and MD5 can be bitsliced, vectorized, and parallelized to make password searches lightning fast. Game-over FPGA implementations cost only hundreds of dollars.

Some comments on the PHP MD5 documentation also discuss preference for slowness.

To answer your question, it looks like BCrypt is the way to go. However, I have not been able to find any implementations for ASP Classic. If that's true, I would stick with a regular hash function like SHA512.
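
The cost difference the answer describes, as an added example that is not part of the original answer or ASP Classic code: Python is used because it runs anywhere, and PBKDF2-HMAC-SHA512 stands in as a key-stretching construction the page itself does not name. The iteration count, the record format and the sample passwords are assumptions.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 200_000  # assumed work factor; tune so one hash costs ~100 ms

def fast_hash(password: str, salt: bytes) -> bytes:
    """One salted SHA-512 pass: the 'regular hash function' fallback."""
    return hashlib.sha512(salt + password.encode("utf-8")).digest()

def slow_hash(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """PBKDF2-HMAC-SHA512: the same primitive, deliberately repeated."""
    return hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, iterations)

def make_record(password: str, iterations: int = ITERATIONS) -> str:
    """Keep iterations and salt beside the hash so the cost can be raised later."""
    salt = os.urandom(16)  # per-user random salt defeats precomputed tables
    digest = slow_hash(password, salt, iterations)
    return f"pbkdf2-sha512${iterations}${salt.hex()}${digest.hex()}"

def verify(password: str, record: str) -> bool:
    """Recompute with the stored parameters and compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        if scheme != "pbkdf2-sha512":
            return False
        candidate = slow_hash(password, bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
    except ValueError:  # malformed record: wrong field count, bad hex, bad count
        return False

def guesses_per_second(hash_fn, guesses: int) -> float:
    """Rate at which one core can test candidate passwords against one hash."""
    salt = b"constructed-salt"  # constructed sample value
    start = time.perf_counter()
    for i in range(guesses):
        hash_fn(f"guess{i}", salt)
    return guesses / (time.perf_counter() - start)

if __name__ == "__main__":
    record = make_record("correct horse battery staple")  # constructed sample
    print(record[:40] + "...", verify("correct horse battery staple", record))
    print(f"SHA-512 x1: {guesses_per_second(fast_hash, 20_000):,.0f} guesses/s")
    print(f"PBKDF2 x{ITERATIONS}: {guesses_per_second(slow_hash, 3):,.1f} guesses/s")
```

The two printed rates are the per-core guessing speed an incremental cracker gets against each scheme; the legitimate login pays the slow cost only once per attempt.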
