rfc:password_hash_spec
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
rfc:password_hash_spec [2014/07/23 04:23] – created yohgaki | rfc:password_hash_spec [2018/03/01 23:20] (current) – RFC is Under Discussion carusogabriel | ||
---|---|---|---|
Line 4: | Line 4: | ||
* DateModified: | * DateModified: | ||
* Author: Yasuo Ohgaki < | * Author: Yasuo Ohgaki < | ||
- | * Status: | + | * Status: |
* First Published at: http:// | * First Published at: http:// | ||
Line 12: | Line 12: | ||
Unlike other hash functions, Blowfish is designed to take limited length as its parameter. Bytes longer than 72 bytes are truncated to compute hash value. Current implementation does not have check against too long parameter. Therefore, too long parameter is silently ignored. Average users expect " | Unlike other hash functions, Blowfish is designed to take limited length as its parameter. Bytes longer than 72 bytes are truncated to compute hash value. Current implementation does not have check against too long parameter. Therefore, too long parameter is silently ignored. Average users expect " | ||
- | Before PHP 5.3, crypt() could not be used reliably because it didn't have required hash function internally. Therefore, code like below is used commonly. | + | Before PHP 5.3, crypt() could not be used reliably because it didn't have required hash function internally. Therefore, code like below is used commonly. Note: According to this [[http:// |
- | < | + | < |
<?php | <?php | ||
$password_hash = sha1(SOME_STATIC_SECRET_SALT . $_POST[' | $password_hash = sha1(SOME_STATIC_SECRET_SALT . $_POST[' | ||
Line 26: | Line 26: | ||
If user writes code like below, password_hash() does not work for authentication when SOME_STATIC_SECRET_SALT is long enough. (e.g. const = SOME_STATIC_SECRET_SLAT = hash(' | If user writes code like below, password_hash() does not work for authentication when SOME_STATIC_SECRET_SALT is long enough. (e.g. const = SOME_STATIC_SECRET_SLAT = hash(' | ||
- | < | + | < |
<?php | <?php | ||
// $password_hash = password_hash(SOME_STATIC_SECRET_SALT . $_POST[' | // $password_hash = password_hash(SOME_STATIC_SECRET_SALT . $_POST[' | ||
Line 37: | Line 37: | ||
</ | </ | ||
- | In general, users are recommended to use crypt related functions as is and this is documented currently. However, SOME_STATIC_SECRET_SALT is still useful as mitigation when password database is stolen while SOME_STATIC_SECRET_SALT is _not_ stolen. (e.g. Stolen password DB via SQL injection, stolen password db backup, etc) Therefore, some organizations require to add secret salt for an additional mitigation. | + | In general, users are recommended to use crypt related functions as is and this is documented currently. However, SOME_STATIC_SECRET_SALT is still useful as mitigation when password database is stolen while SOME_STATIC_SECRET_SALT is _not_ stolen. (e.g. Stolen password DB via SQL injection, stolen password db backup, etc) Therefore, some organizations require to add secret salt for an additional mitigation. 72 bytes limits is real problem in this case. |
Line 51: | Line 51: | ||
- Add PASSWORD_SHA512 hashing to password_hash() that is compatible with crypt-sha512 | - Add PASSWORD_SHA512 hashing to password_hash() that is compatible with crypt-sha512 | ||
- | password | + | Password |
+ | |||
+ | Recommend plain use of password_hash() with less than 72 bytes. | ||
In case we decided not to have PASSWORD_SHA512, | In case we decided not to have PASSWORD_SHA512, | ||
- | - Suggest PBKDF2 SHA512 functions ([[http:// | + | |
+ | - Suggest workaround (not recommend) by prehash with raw SHA512. (e.g. password_hash(hash(' | ||
===== Backward Incompatible Changes ===== | ===== Backward Incompatible Changes ===== | ||
- | E_NOTICE may break apps | + | password_hash() |
===== Proposed PHP Version(s) ===== | ===== Proposed PHP Version(s) ===== | ||
Line 69: | Line 72: | ||
==== To Existing Extensions ==== | ==== To Existing Extensions ==== | ||
- | string | + | * [[http:// |
==== New Constants ==== | ==== New Constants ==== | ||
- | PASSWORD_SHA512 for crypt-sha512 | + | * PASSWORD_SHA512 for crypt-sha512 |
==== php.ini Defaults ==== | ==== php.ini Defaults ==== |
rfc/password_hash_spec.1406089391.txt.gz · Last modified: 2017/09/22 13:28 (external edit)