是否有任何通常被认为值得信赖的SHA-256 javascript实现? [英] Are there any SHA-256 javascript implementations that are generally considered trustworthy?
问题描述
我正在为论坛写一个登录信息,并且需要在将密码客户端发送给服务器之前将它们散列在JavaScript中。我无法弄清楚我实际上可以信任哪个SHA-256实现。我期待着有一种每个人都使用的权威脚本,但是我发现大量不同的项目都有自己的实现。
我意识到使用其他人的加密永远是一种信仰的飞跃,除非你有资格自己审查它,并且没有普遍的可信赖定义,但这似乎是一些常见而且重要的事情,以至于应该在什么方面达成某种共识使用。我只是天真的?
编辑,因为它在评论中出现了很多:是的,我们再次在服务器端进行更严格的散列。客户端哈希不是我们保存在数据库中的最终结果。客户端哈希是因为人类客户端请求它。他们没有给出具体原因,可能他们就像矫枉过正。
Stanford JS Crypto Library 包含SHA-256的实现。尽管JS中的加密技术与其他实现平台并无太大的区别,但它至少部分由 Dan Boneh ,他是密码学领域一个非常成熟和值得信赖的名字,并且意味着该项目有一些实际上知道自己在做什么的人的监督。该项目也得到 NSF 的支持。然而,值得指出的是,...
...如果你在提交密码之前散列密码,那么散列是密码 strong>,并且原始密码变得无关紧要。攻击者只需要拦截哈希以模仿用户,如果该哈希未经修改就存储在服务器上,那么服务器将存储真正的密码(哈希)因为你决定 。
I am writing a login for a forum, and need to hash the password client side in javascript before sending it on to the server. I'm having trouble figuring out which SHA-256 implementation I can actually trust. I was expecting there to be some kind of authoritative script that everyone used, but I'm finding loads of different projects all with their own implementations.
I realize using other people's crypto is always a leap of faith unless you're qualified to review it yourself, and that there is no universal definition of "trustworthy", but this seems like something common and important enough that there ought to be some kind of consensus on what to use. Am I just naive?
Edit since it comes up a lot in the comments: Yes, we do a more stringent hash again on the server side. The client side hashing is not the final result that we save in the database. The client side hashing is because the human client requests it. They have not given a specific reason why, probably they just like overkill.
The Stanford JS Crypto Library contains an implementation of SHA-256. While crypto in JS isn't really as well-vetted an endeavor as other implementation platforms, this one is at least partially developed by, and to a certain extent sponsored by, Dan Boneh, who is a well-established and trusted name in cryptography, and means that the project has some oversight by someone who actually knows what he's doing. The project is also supported by the NSF.
It's worth pointing out, however...
... that if you hash the password client-side before submitting it, then the hash is the password, and the original password becomes irrelevant. An attacker needs only to intercept the hash in order to impersonate the user, and if that hash is stored unmodified on the server, then the server is storing the true password (the hash) in plain-text.
So your security is now worse because you decided add your own improvements to what was previously a trusted scheme.
这篇关于是否有任何通常被认为值得信赖的SHA-256 javascript实现?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
