我应该使用什么散列算法来存储密码? [英] What hashing algorithm should I use for storing passwords?
问题描述
另外,salting和密钥扩展为我提供了多少安全性?
- MD5已被破坏。
- SHA-1存在重大缺陷。
- SHA-2目前被认为是足够的。
- SHA-3将很快成为FIPS标准。
- 最佳做法是将密码散列与随机腌制和密钥延伸相结合,例如 PBKDF2 。
- A 关于密码腌制,散列和拉伸的良好讨论。 http://sleeksoft.co.uk/public/techblog/articles/20130411_1.htmlrel =nofollow>在C#中实现密码salting,散列和拉伸。
至于散列提供的额外安全性,取决于您使用的散列迭代次数。举个例子,假设你决定使用2 ^ 14哈希迭代。这将密码的熵增加了14位。根据摩尔定律,由散列提供的熵的每个额外位表示与当今相同的时间约18个额外的月份以破解密码。所以它会是21年(14 x 18个月),因为在原始密码可以被破解的同时,迭代哈希可以被破解。
额外的安全性通过盐析提供的是它防止使用彩虹桌。
I'm not really up to date with the most recent developments regarding hashing algorithms strengths; what is currently my best bet for storing passwords?
Also, how much more security do salting and key stretching offer me?
- MD5 has been broken.
- SHA-1 has significant weaknesses.
- SHA-2 is considered adequate at the moment.
- SHA-3 will shortly become a FIPS standard.
- Best practice is to combine password hashing with random salting and key stretching, e.g. PBKDF2.
- A good discussion on password salting, hashing, and stretching.
- My implementation of password salting, hashing, and stretching in C#.
As for the extra security provided by hashing, that depends on how many hash iterations you use. As an example, say that you decide to use 2^14 hash iterations. This increases the password's entropy by 14 bits. According to Moore's Law, each extra bit of entropy provided by the hash means approximately 18 extra months to crack the password in the same time as today. So it will be 21 years (14 x 18 months) before the iterated hash can be cracked in the same time as the raw password can be cracked today.
The extra security provided by salting is that it prevents the use of rainbow tables.
这篇关于我应该使用什么散列算法来存储密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!