Encrypting Passwords


Problem description

What is the fastest, yet secure, way to encrypt passwords (PHP preferred), and for whichever method you choose, is it portable?

In other words if I later migrate my website to a different server will my passwords continue to work?

The method I am using now as I was told is dependent on the exact versions of the libraries installed on the server.

Solution

If you are choosing an encryption method for your login system then speed is not your friend; Jeff had a to-and-fro with Thomas Ptacek about passwords and the conclusion was that you should use the slowest, most secure encryption method you can afford to.

From Thomas Ptacek's blog:
Speed is exactly what you don’t want in a password hash function.

Modern password schemes are attacked with incremental password crackers.

Incremental crackers don’t precalculate all possible cracked passwords. They consider each password hash individually, and they feed their dictionary through the password hash function the same way your PHP login page would. Rainbow table crackers like Ophcrack use space to attack passwords; incremental crackers like John the Ripper, Crack, and LC5 work with time: statistics and compute.

The password attack game is scored in time taken to crack password X. With rainbow tables, that time depends on how big your table needs to be and how fast you can search it. With incremental crackers, the time depends on how fast you can make the password hash function run.

The better you can optimize your password hash function, the faster your password hash function gets, the weaker your scheme is. MD5 and SHA1, even conventional block ciphers like DES, are designed to be fast. MD5, SHA1, and DES are weak password hashes. On modern CPUs, raw crypto building blocks like DES and MD5 can be bitsliced, vectorized, and parallelized to make password searches lightning fast. Game-over FPGA implementations cost only hundreds of dollars.
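Both halves of the question, slowness and portability, are answered by a hash format that carries its own parameters. The following PHP is an added example and is not part of the answer above or Thomas Ptacek's post: it uses PHP's built-in password_hash()/password_verify() (PHP 5.5 or later) with bcrypt, whose output string embeds the algorithm identifier, the cost factor and the random salt, so a hash created on one server keeps verifying after a migration without any matching configuration. The cost value and the sample passwords are assumptions chosen for the demonstration.

```php
<?php
// Added example (not from the original answer): a deliberately slow,
// self-describing password hash in PHP using password_hash()/password_verify().
// The bcrypt cost factor is what makes each hash slow; raise it until one
// hash takes roughly the time your login page can afford.

declare(strict_types=1);

const BCRYPT_COST = 12; // 2^12 rounds; assumed value, tune it per server

/**
 * Hash a new or changed password. The returned string is self-describing:
 * "$2y$" (algorithm), the cost, the random salt and the digest are all
 * embedded in it, so it keeps verifying after a move to another server.
 */
function hashPassword(string $password): string
{
    $hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => BCRYPT_COST]);
    if ($hash === false) {          // PHP 7 returns false on failure
        throw new RuntimeException('password_hash() failed');
    }
    return $hash;
}

/**
 * Verify a login attempt. password_verify() reads algorithm, cost and salt
 * from the stored hash itself, so nothing has to match between servers.
 * On success, $rehash receives a replacement hash when the stored one was
 * made with weaker parameters than the current policy, otherwise null.
 */
function checkLogin(string $password, string $storedHash, ?string &$rehash = null): bool
{
    $rehash = null;
    if (!password_verify($password, $storedHash)) {
        return false;
    }
    // Hashes created at a lower cost (or with another algorithm) are
    // upgraded transparently after a successful login.
    if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, ['cost' => BCRYPT_COST])) {
        $rehash = hashPassword($password);
    }
    return true;
}

/**
 * Measure how long one hash takes at a given cost, to pick the slowest
 * value your login page can tolerate (the point of the quoted blog post).
 */
function hashSeconds(int $cost): float
{
    $start = microtime(true);
    password_hash('timing-probe', PASSWORD_BCRYPT, ['cost' => $cost]);
    return microtime(true) - $start;
}

// Demonstration with a constructed password.
$stored = hashPassword('correct horse battery staple');
printf("stored hash: %s\n", $stored);                         // begins with $2y$12$

var_dump(checkLogin('correct horse battery staple', $stored, $upgraded)); // bool(true)
var_dump(checkLogin('wrong password', $stored, $upgraded));               // bool(false)

// A legacy hash made at cost 10 still verifies and is scheduled for upgrade.
$legacy = password_hash('correct horse battery staple', PASSWORD_BCRYPT, ['cost' => 10]);
checkLogin('correct horse battery staple', $legacy, $upgraded);
printf("legacy hash needs rehash: %s\n", $upgraded !== null ? 'yes' : 'no');

foreach ([10, 12] as $cost) {
    printf("cost %d: %.3f s per hash\n", $cost, hashSeconds($cost));
}
```

The cost loop at the end is how you apply the "slowest you can afford" advice in practice: each increment of the cost doubles the work for both your login page and an incremental cracker, so measure on the actual server and pick the highest value that keeps logins acceptable. Storing the full string returned by password_hash() (60 characters for bcrypt) is what makes the scheme portable; never store a digest stripped of its prefix.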
