密码自加密是否可行？ [英] Is password self-encryption viable?

问题描述

我一直在阅读有关密码存储的信息，并且基本上发现了两种常用的技术。

I've been reading about password storage, and have basically found 2 commonly used techniques.

1. 加密存储的所有密码单键。


2. 使用哈希
   
   
   
   • 使用散列哈希
   
   

存储密码加密本身是否存在缺陷，即加密一个说明 password1 密码 password1 不保存它未加密，当用户想要登录，解密，比较和授予访问权限（或不）？

Is there a flaw in storing the password "encrypted by itself", i.e. encrypting a txt which says password1 with the password password1 without storing it unencrypted, and when a user wants to log in, decrypt, compare and grant access (or not)?

我不懂这个话题，所以有人可以启发我吗？

I am not very literate in this topic, so, can somebody enlighten me?

推荐答案

对于使用盐的散列有三个弱点。

This has three weaknesses over using hashes with salt.

1. 容易受到字典攻击的任何人：您的密码文件可以尝试常用的密码（例如 password1 ），并查看它们是否对存储的值进行自加密。更糟糕的是，根据您的加密方式，这可以在获取密码文件之前离线完成，结果存储在查找表中，以便当有人获取您的文件时，可以立即破解。


2. 它需要一个可变量的存储空间，这对数据库友好而言更少。哈希具有固定长度的输出，但加密长度随输入的长度而变化。


3. 不能轻易地迭代。真正做到这一点的恰当方法是使用盐的散列，但是要迭代该函数几千次（即，哈希，然后再次哈希，再次哈希...）。这意味着验证密码仍然可以在一两秒内完成（取决于您的哈希数），这通常没有问题;但是，由于您现在尝试的每个密码需要几千次，因此更难打破。在这里没有明显的方法，因为加密可能会增加长度（添加初始化向量时等等）。

1. It's vulnerable to a dictionary attack: anyone who gets hold of your password file can try common passwords (like password1) and see if they self-encrypt to the stored value. Worse, depending on how you do the encryption, this could be done offline, before getting hold of the password file, with the results stored in a lookup table so that when someone gets your file then it can be cracked instantaneously.
2. It requires a variable amount of storage, which is less database-friendly. A hash has a fixed-length output, but encryption length varies with the length of the input.
3. It can't easily be iterated. The really proper way to do it is to use a hash with salt, but to iterate the function a few thousand times (i.e., hash, then hash again, then hash again...). This means that verifying a password can still be done in a second or two (depending on how many times you hash), which is usually not problematic; but it's much, much harder to crack because every password you try now needs to be hashed a few thousand times. There's no obvious way of doing that here, because encryption will probably increase the length (when you add in initialisation vectors and so on).

真的，没有理由这样做，当有一个坚实和成熟的技术做得更好。

Really, there's no reason at all to do this, when there's a solid and well-established technique that does it much better.

这篇关于密码自加密是否可行？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！