Saturday, July 14, 2012 0 comments
We all know that password is the most secure information stored on the website server. So web master must use proper security mechanism to make it secure from hackers. There are many websites which still store passwords in the plain text which is not recommended.
Although big companies boasts to be secure but recent hacking attempts shows something else. Few weeks back, a hacker has posts millions of LinkedIn password. Although passwords were encrypted, but they have used simple md5 hashing which is easy to break if password is weak. Most of the websites use simple hashing mechanism to protect passwords. But there are many hash crackers available which can crack hash within few minutes. These hash crackers can also crack long passwords but take some time.
Hashing: Hash functions are algorithms that map a variable length string to a fixed length string of smaller size. In Cryptography, Hash function takes an arbitrary string and returns the fixed size string, called hash value of the input string. Input string is called message and the output hash is called digest. Here one thing to note that input string may be of any size but output will always be of same length.
hash_function("hello") = 2cf24dba5fb0a30e26ea03hac5b9e2asj8el1e5c1fa7425e730d3J62K38b9824
hash_function("hbllo") = 58H5v8796bd9ec38ac9866dH2fad6a93f8146f337a69afej!dd238f336494636
Hashing plays an important role in cryptography because of its following properties.
- · No two strings can have same hash value.
- · It is easy to computer the hash value of any data.
- · Hash functions do one way mapping. So it is infeasible to generate message from given hash.
- · A single character modification in message will also modify its hash value.
There are various hashing algorithms are available but most of them are not secure. Web masters generally use MD5 and SHA-1 for password hashing. Now days SHA-3 is think of most secure hashing algorithm. But most of people use MD5.
Hash Cracker: I have already mentioned the four properties of hash functions. If you take a look again, you will find that hash functions are one way mapping function. So no one can message from hash. If it is true, how hackers crack the hash? How they generate password from its hash?
Actually hackers never had any reverse algorithm; they attack with on hash with password dictionary. First of all, hackers create a list of known passwords. Then they generate hash of those passwords and compare with the known hash. If the hash matches, they know the password.
There are many lookup tables and rainbow tables are also available which has millions of passwords with their hashes. It makes it easy to know the password just by hash.
Most of the known hash cracker tools have ability to crack MD5, SHA-1, SHA-256, SHA-384, SHA-512 Hashes. If you just Google about MD5 cracker, you will find so many online crackers. Now days, you can just break the MD5 of common passwords by Google. Paste the MD5 in Google and you will see the original password in the search result.
So use of these password hashing algorithms are not trusted. If websites store password simply by MD5 hashing, it is not as much secure as we need.
Proper And Secure Hashing Methods: As we know that hashing is not as much secure as we think, so it is not enough to just hash the password. There must be some secure implementation with the hashing. There have been many algorithms being proposed by security researchers but these new algorithms can only be implemented after having a good discussion.
In this paper, I am going to write few secure ways which make the hash strong.
Hash with Salt: Salting is the technique which makes it impossible to crack password on the base of dictionary attacks. Salting with hash is similar to the hashing. We only create a random salt of each password and then combine it with the password to create final password hash. Including the salt will also ensure that two users with same password will have different hash value at the database.
Although it is not impossible to break slated password, but it increases the time complexity of the attack. Attacker needs to re generate the tablets with multiple salt combinations. I think that is not an easy job.
Different developer use different approach of using salt for secure hashing. But there are mainly two approaches.
- 1. Store password and hash in the database
- 2. Create random salt unique to user and computable at anytime.
Store password and hash in the database: This is a weaker approach, but most of the developers still use it. In this kind of salting, developer compute salt for the password of each user and then store it in the database along with the password hash. This stored salt is used to compute the password hash each time it needs to authenticate the user.
Ex: Simple implementation of salt for generating hash. (This code is only for explanation. It is not recommended.)
$salt = time();
$passwordhash = md5( $passwd . $salt);
$query = 'INSERT INTO LOGIN VALUES (' .$userName. ', ' .$passwordhash. ', '.$salt. ')';
if ( !mysql_query( $query ) )
exit( "unable to add new values into the database! " );
echo('password stored successfully in the database.');
By the above sample code, developer generate salt and password hash. We can see that developer is using timestamp as salt which will be unique for each user. There may be many ways for salt generation. Most of time, these methods are developer specific.
To authenticate the user, developer will fetch the salt and then generate the hash with supplied password. Then he will match it with the stored password.
This mechanism is more secure than using simple hashing. But hacker will also get the salt for each user which will help him to crack the password. But that will also not an easy job.
For making this process more secure, developers use cryptographically secure random number generator to create salt each time and then store it in database.
Create random salt unique to user and computable at anytime: This approach is more secure than the previous one, but it needs lots more computation. In this method, developer never stores the salt. They generate the salt each time they need to calculate the password. So salts are computed in a way so that they are computable at any moment.
$password = "passw0rd"
$salt = sha1($password);
$password = md5($password.$salt);
$password = "banana"
$salt = md5($password);
$password = sha1($password.$salt);
If we analyze both the methods, we will see the second approach is more secure. In this case, neither attacker knows the salt, nor he knows how salt will be computed. This was really a blind attack for him and almost an impossible way to crack.
For increasing the security of salted method, you can add double salt each side of the password or salt two times at any side of the password. These methods will increase the time complexity of attack and hard to crack the password.
Few things to avoid while using salting: Here are few points which must be remember and avoid while implementing salting.
Never use same salt for all passwords and never repeat salts. These passwords can be cracked with the help of dictionary attacks. Only thing attacker needs to append salt at each password and compute hash.
Never use short salt. As we know that dictionary attack is used to break hashing, short salted hash will be easier to crack than long salted hash.
Never use multiple hashing as given. As given below:
md5(sha1(md5(md5($password) + sha1($salt)) + md5($password)))
These will not add extra security but will surely increase risk of collisions, which is bad.
bCrypt: It is an alternate encryption which was introduced in 1999. Now it is the most secure method for encrypting and storing password. But it not used as it should be. It is more complicated and use blowfish block cipher. In this encryption method, 128 bit salt is used along with the enhanced blowfish known as eksblowfish. Eksblowfish means expensive key schedule blowfish.
bcrypt(cost, salt, passwd)
Cost: Key scheduling controller
salt: salt to use with password (128 bit value)
Passwd: password in plain text (up to 56 bytes).
Bcrypt has proven itself as an important and useful key derivation function. This is the reason why most of the programming languages have easy implementation methods.
This method is designed to be slow and takes much more time that sha1 and MD5. So, most of developers do not use it. In general, bcrypt() takes 100ms to compute password hashes from plain text. In bcrypt, it executes an encryption algorithm many times in the loop. Number of rounds is configurable.
Some Points to remember: Although I have discussed salting and bcrypt for making hashes more secure, there are few suggestions for developers which they should know.
· Avoid use of general hashing algorithms such as MD5, SHA1. These generate secure one way hashes but rainbow tables available online have generated millions of hashes of common passwords. So hashes, generated by these algorithms can be cracked easily with these online tables.
· Never ever try to develop your own cryptographic algorithm for encrypting passwords. If you have interest in developing your algorithm, first present it in front of security researchers and submit in various conferences. This is the best way to check whether your algorithm is secure or not. Never implement these kinds of algorithms. MD5 and SHA1 are better than your algorithms (which are not discussed by security researchers).
· Password and login management must be done by skilled developer. A new person can destroy the security by implementing weak code.
· Avoid using short length salt. Multiple hashing is also a bad practice and not recommended. It only increases collision. Most of the times resulting hash is weaker than hash generated in single hash.
Conclusion: In this paper, I have discussed salting and bcrypt for generating secure password hashes. Because default hashing functions are not safe now. Rainbow tablets, dictionary attacks and bruteforce attack are common ways which can crack these secure hashes. Although salting improves security and time to crack, but we cannot say it 100 percent secure. It only increases time complexity of attack. But it does not make password cracking impossible.
Handling password and hashes is not an easy task. But it is necessary step for making website passwords secure and gaining user trust. Most of the cryptographic security researchers are trying to implement secure password hashing algorithm. So developers should try to adopt new ways to make their password storage more secure.
Generating a secure salted hash is still a topic of discussion. We see daily password leakage news in which hacker posts password hashes of users’ password. Most of the times, they are able to crack these hashes too. So security researchers are trying to make it more secure day by day. Many new algorithms have been proposed daily. But nothing is 100% secured.
So users should also take care about their security. As I have discussed, most of the rainbow table contains common passwords list. So users should try to avoid common password. The more complex and hard to guess password they will use, the more secure their account will be. They should use some random password with capital small combination, use of some special characters and numbers. Length also plays an important role. Password length must be more than 10 characters.