加强关键。我做对吗？ [英] Key Strengthening. Am I Doing It Right?

问题描述

我写一个类来哈希密码，它实现重点拉伸通过使用System.Security.Cryptography.Rfc2898DeriveBytes类。以生成用于计算哈希值的键

I am writing a class to hash passwords which implements Key Stretching by using the System.Security.Cryptography.Rfc2898DeriveBytes class to generate the keys used to compute the hash value.

的代码实质上不这样：

// Higher iterations value results in better key strength
var db = new Rfc2898DeriveBytes(password + salt + secretKeyFromConfigFile,
                                saltAsBytes,
                                iterations);

byte[] hashKey = db.GetBytes(64); // 64 bytes is the recommended size for the HMACSHA512 class

var sha512 = new System.Security.Cryptography.HMACSHA512(hashKey);

byte[] hashInput = System.Text.Encoding.UTF8.GetBytes(password + salt + secretKeyFromConfigFile);

byte[] hash = sha512.ComputeHash(hashInput);

return System.Convert.ToBase64String(hash);

有关System.Security.Cryptography.Rfc2898DeriveBytes文档表示它使用......一个伪基于System.Security.Cryptography.HMACSHA1派生密钥随机数发生器。

The documentation for System.Security.Cryptography.Rfc2898DeriveBytes indicates that it uses "... a pseudo-random number generator based on System.Security.Cryptography.HMACSHA1" to derive the key.

由于SHA512比SHA1更好它会更好，以简单地套用SHA512散列函数？像这样

Since SHA512 is better than SHA1 Would it be better to simply apply the SHA512 hash function like so?

byte[] hash;

for (int i = 0; i < iterations; i++)
{
    hash = sha512.ComputeHash(hash ?? hashInput);
}

return System.Convert.ToBase64String(hash);

是什么加强键（如图中第1代码块）和加强的散列之间的差（如在第2个码块示出）

What is the difference between strengthening the key (as shown in the 1st code block) and strengthening the hash (as shown in the 2nd code block)?

这是做关键散列密码时拉伸该优选方法

What is the preferred method to do key stretching when hashing passwords?

推荐答案

除非你是一个加密大师，只是坚持这是很可能正确实施Rfc2898DeriveBytes。抵御黑客一起定制的解决方案，这将打破你的系统的安全性的诱惑。

Unless you're a crypto guru, just stick to Rfc2898DeriveBytes which is very probably correctly implemented. Resist the temptation of hacking together a custom solution which will break the security of your system.

有没有理由哈希Rfc2898DeriveBytes的输出。

There's no reason to hash the output of Rfc2898DeriveBytes.

直接使用GetBytes会（），它被设计用于意图。

Directly use GetBytes(), it's been designed for that intent.

什么是你的关键拉伸目的是什么？密码或密码哈希？对于密码哈希，你可能想使用不同的算法。

What's the purpose of your key stretching? Cipher or password hash? For a password hash, you probably want to use a different algorithm.

这篇关于加强关键。我做对吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！