Is PHP.net a credible resource for 'any' PHP reference? [closed]
Revising my "question" so as not to rustle the natives.
It seems there are so many resources around the internet these days (SO included) that finding "an" answer to a question may be easy, but how to tell if that answer is valid or even up to date?
One area in particular and one that gets asked a lot is how to deal with hashing and encryption properly with PHP for preparation in database storage. One common answer on SO always seems to be "Have you visited php.net yet?". While I understand this typically comes to a question in which somebody asks the simplest of questions, I have started to find some of the descriptions seem to conflict and more importantly, the user examples are outdated (a lot from 2008-2009).
For example: when seeking why and how to use password hashing: http://www.php.net/manual/en/faq.passwords.php#faq.passwords.fasthash
In summary, I learn that sha1 and md5 are fast and computationally efficient methods of hasing, they are no longer suitable for password hashing. The suggested method is to use the crypt() function.
When learning more about crypt() and in particular blowfish hashing, the rules stated on the page are as follows:
http://www.php.net/manual/en/function.crypt.php
- start my salt with $2a$
- continue with two numeric values (user below has stated the significance of this whereas php.net does not)
- follow with a $
- enter 22 alpha-numeric characters
Further reading gives an example of:
<?php
if (CRYPT_BLOWFISH == 1) {
echo 'Blowfish: ' . crypt('rasmuslerdorf', '$2a$07$usesomesillystringforsalt$') . "\n";
}
?>
It seems the example on the same page does not follow the rules it just told us to use (26 characters after "$2a$07$".
The return has is:
Blowfish:
$2a$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi
essentially, the string itself does in fact get altered but nearly my entire SALT value (the first 22 characters mentioned above) is sitting wide open. Wouldn't this make it somewhat simpler to determine what my actual string was?
More importantly, this is only one example but ultimately, how heavily should resources such as PHP.net be relied upon?
As my friend Mugatu once said "I feel like I'm taking crazy pills".
Note: the pages mentioned above were edited since my original posting so I cannot guarantee things have not changed since my original question and examples provided.
You're right, the internet (being a wonderful and terrible place) is FULL of contradictory information on how you should do this. I have my own opinions (I like EksBlowfish for one-way password hashing) which I outline in this shameless, self-serving blog plug.
One important note, in case you don't follow that link. The two numbers that follow $2a$
are NOT RANDOM. They are the Log-Base-2 of the number of rounds of EksBlowfish to run on the string; basically, every time you increment the number by 1 (e.g., $2a$07$
to $2a$08$
), you double the amount of time it takes to calculate the hash.
This is by design -- it allows EksBlowfish to be extremely computationally expensive, and when hardware scales up (Moore's law) you can bog it back down and make it expensive again.
As a good friend of mine put it, the only real way to try to fend off a good cracker is to waste their time. Again, check out this shameless, self-serving blog plug if you want more information on (a) EksBlowfish and (b) why you should use it; if you want, skip to the end of the article for links to things written by people who are significantly smarter than I am.
Edit
As for why PHP includes direct implementations of things like SHA-1 and MD5 is because PHP wasn't invented yesterday, it's been around (in various forms) for 20 years. MD5 used to be considered secure. Things change.
Older hashing algorithms such as sha1 and md5 are great for some things, such as hashing data for fast retrieval. While the are not cryptographically secure (anymore), they are still useful and are much faster to compute than more-secure algorithms such as sha256.
Sha1 and Md5 were once relatively computationally secure, when it was not commercially feasible (if you weren't the NSA or KGB) to crack them by brute force. Now, a rainbow table or GPU-enabled brute force algorithm allow anyone to map a hash into an input that generates that hash in reasonable time. A few years back, that was not the case.
The problem with many sites (besides the ones that have no idea what they're talking about) is that the ones that WERE applicable a year ago are still popular, but contain outdated information. There was a time when MD5
and SHA1
were top of the line hashing algorithms. Unfortunately, that is not the case nowadays; numerous lookup tables exist to simply enter a hash and receive a working key, or one could simply brute force their way into them. Also unfortunately, many software packages still rely on them, which is one of the reasons they still exist.
Despite their shortcomings as secure hashing algorithms, they are still applicable in many instances such as generating a file checksum. Using MD5 for this is quick and painless, and most checksum checking software still support checking the file against an HD5-sum.
PHP supports a vast array of hashing algorithms. Check out the hash()
function, which is extensible to support newer hashes as well. You can find out what your server supports using hash_algos()
. Personally, I use SHA-512 with a salt, because a bigger number in the hash name means a better hash. Right? :)
精彩评论