MyBB Community Forums

Full Version: Why "salt" in password encryption?
I've read somewhere that md5 passwords are becoming hackable with a method called "rainbow tables".
To defend against these tables, it is necessary to include salts in password hashes.
For this reason the MyBB password encryption is the following:
md5(md5($salt).$password);

I was wondering why using salts is so needful... By what I've understood, salts just increment the length of a password has, making it more difficult to discover.

So, why not use
md5(md5($password).$password);
instead of creating a salt and putting it into the database...

What is the difference?
I hope someone will clear my doubts :)
A salt is a unique flavoring to the password that makes it nearly impossible to decrypt because you need the salt. Each user's ID has its own salt for the md5 password. It's extremely secure and most sites recommend a salt over all other methods.

There are now dictionaries of hashed md5 words. To break a salted md5 password where the hacker doesn't know the salt is a heck of a feat. It may be years before it can be done.

Salt does a LOT more than vary the length.

http://phpsec.org/articles/2005/password-hashing.html
Think about it, if you have a password and you add it twice, don't you think anyone will find it funny that the same value is repeated?
Salt is generated randomly not related to the password at all.
Of course the easiest way of being secure is to not use an actual "word" as the password.

Instead, always use a mixture of letters and numbers. If you can't force yourself to remember random characters, then try various patterns such as the following:

Take your birthdate, your initials, last 6 digits of your phone number (i.e. things that you have already memorized).

Next, just mix them up a bit to form a password. That way, no md5 dictionary will ever be able to find a match for it.
Quote:Salt is generated randomly not related to the password at all.

I see, randomly generated, not based on the username nor the pass itself? :)
Different users will have different salts.

For example,
if I applied the password+salt from one user to another (directly taken from SQL), does it mean the other user will have the same password?
(2006-09-16, 01:59 PM)Dollarius Wrote: [ -> ]By what I've understood, salts just increment the length of a password has, making it more difficult to discover.

It has nothing to do with the length of the password.

(2006-09-16, 01:59 PM)Dollarius Wrote: [ -> ]So, why don't using
md5(md5($password).$password);
instead of creating a salt, putting it into database...

Because you can then write a program that calculates hashes for all possible values of $password and store the results in a huge table. And then use this table to go from the hash to possible clear text passwords.

Creating such a rainbow table takes ages, but if you can then use it for all accounts of all mybb forums in the world, because all use this system, it'd pay off.

Only if you add a completely random string to the equation (the salt), you prevent rainbow tables or rather, a separate rainbow table would have to be created for every single user account, making it too expensive to be worth the effort.
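The precomputed-table argument in the reply above, as an added example that is not part of the original thread: one table built for `md5(md5($password).$password)` matches accounts on every forum using that scheme, while per-account random salts make identical passwords hash differently and the same table finds nothing. The candidate list, account names and the 8-character salt format are constructed assumptions.

```python
import hashlib
import secrets
import string

def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def password_only(password: str) -> str:
    # Scheme proposed in the question: md5(md5($password).$password)
    return md5_hex(md5_hex(password) + password)

def salted(salt: str, password: str) -> str:
    # Scheme as quoted in the first post: md5(md5($salt).$password)
    return md5_hex(md5_hex(salt) + password)

def new_salt(length: int = 8) -> str:
    # Random per-account salt; length and alphabet are assumptions.
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))

# Constructed candidate list standing in for the "huge table" of inputs.
CANDIDATES = ["letmein", "dragon", "sunshine", "qwerty12", "blue42sky"]

def build_table(candidates):
    # Computed once, reusable against every site that uses password_only().
    return {password_only(p): p for p in candidates}

def lookup(table, stored_hashes):
    # Map account -> recovered password for every hash present in the table.
    return {user: table[h] for user, h in stored_hashes.items() if h in table}

def demo():
    table = build_table(CANDIDATES)
    # Constructed accounts on two unrelated forums sharing one password.
    forum_a = {"alice": password_only("sunshine")}
    forum_b = {"bob": password_only("sunshine")}
    salted_db = {u: salted(new_salt(), "sunshine") for u in ("alice", "bob")}
    return {
        "unsalted_hits": {**lookup(table, forum_a), **lookup(table, forum_b)},
        "identical_unsalted": forum_a["alice"] == forum_b["bob"],
        "salted_hits": lookup(table, salted_db),
        "identical_salted": salted_db["alice"] == salted_db["bob"],
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

With the salted scheme the table would have to be rebuilt once per account, using that account's salt, which is the cost the reply describes.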
Plus remember this people, you're MD5ing an already MD5ed salt concatenated to an MD5ed passwd, so you're getting multilevel encryption too. If you break the first level of MD5 encryption on a MyBB hashed passwd, you've still got nothing.
Nice bump.

(2010-01-09, 05:47 PM)ralgith Wrote: [ -> ]Plus remember this people, you're MD5ing an already MD5ed salt concatenated to an MD5ed passwd, so you're getting multilevel encryption too. If you break the first level of MD5 encryption on a MyBB hashed passwd, you've still got nothing.
That's a rather weak-ish improvement as far as security is concerned. Many hash functions internally have a number of rounds (am unsure about MD5).
(2010-01-09, 10:58 PM)Yumi Wrote: [ -> ]Nice bump.

(2010-01-09, 05:47 PM)ralgith Wrote: [ -> ]Plus remember this people, you're MD5ing an already MD5ed salt concatenated to an MD5ed passwd, so you're getting multilevel encryption too. If you break the first level of MD5 encryption on a MyBB hashed passwd, you've still got nothing.
That's a rather weak-ish improvement as far as security is concerned. Many hash functions internally have a number of rounds (am unsure about MD5).

My point being, if the initial MD5 is unmasked, they're still left with a useless hash, and it's STILL salted. That is NOT weak.
(2010-01-10, 02:30 AM)ralgith Wrote: [ -> ]
(2010-01-09, 10:58 PM)Yumi Wrote: [ -> ]Nice bump.

(2010-01-09, 05:47 PM)ralgith Wrote: [ -> ]Plus remember this people, you're MD5ing an already MD5ed salt concatenated to an MD5ed passwd, so you're getting multilevel encryption too. If you break the first level of MD5 encryption on a MyBB hashed passwd, you've still got nothing.
That's a rather weak-ish improvement as far as security is concerned. Many hash functions internally have a number of rounds (am unsure about MD5).

My point being, if the initial MD5 is unmasked, they're still left with a useless hash, and it's STILL salted. That is NOT weak.
If the MD5 was reversed, then I don't have much hope that the second round provides much more security. The strength in the system relies upon MD5 being secure. If it isn't, then it doesn't matter how many rounds of MD5 you do, it's insecure.
Salts prevent duplicate hashes if two people happen to use the same password, and also help against precomputed hashes. They may also have a side effect of reducing the collision domain slightly, though this doesn't really matter if the initial collision domain was very large to begin with (128 bits _is_ sufficiently large). They do NOT strengthen the hashing algorithm.

If you're having trouble understanding the concept, concoct your own very basic and easily reversible hash algorithm and apply the same concept.
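The thought experiment suggested in the last post, as an added example that is not part of the original thread: a deliberately reversible toy "hash" is plugged into the layered salt-plus-password construction discussed above, and the stored value is unwound layer by layer. `toy_hash`, `store` and `recover` are hypothetical names, and the salt is assumed to be read from the same database row as the stored value.

```python
def toy_hash(data: bytes) -> bytes:
    # Deliberately reversible stand-in for a broken hash:
    # affine map on each byte, then reverse the byte order.
    return bytes((b * 5 + 17) % 256 for b in data)[::-1]

def toy_unhash(digest: bytes) -> bytes:
    # 205 is the inverse of 5 modulo 256 (5 * 205 = 1025 = 4 * 256 + 1).
    return bytes(((b - 17) * 205) % 256 for b in digest[::-1])

def store(salt: bytes, password: bytes) -> bytes:
    # Layered construction from the thread: hash(hash(salt) . hash(password))
    return toy_hash(toy_hash(salt) + toy_hash(password))

def recover(stored: bytes, salt: bytes) -> bytes:
    # Undo the outer layer, drop the known hashed salt, undo the inner layer.
    inner = toy_unhash(stored)
    hashed_salt = toy_hash(salt)
    if not inner.startswith(hashed_salt):
        raise ValueError("salt does not belong to this stored value")
    return toy_unhash(inner[len(hashed_salt):])

def rounds(data: bytes, n: int) -> bytes:
    # Repeating a reversible function n times is still reversible n times.
    for _ in range(n):
        data = toy_hash(data)
    return data

def unrounds(data: bytes, n: int) -> bytes:
    for _ in range(n):
        data = toy_unhash(data)
    return data

if __name__ == "__main__":
    salt, password = b"Xk3pQ9aZ", b"blue42sky"  # constructed sample values
    stored = store(salt, password)
    print(recover(stored, salt))
    print(unrounds(rounds(password, 1000), 1000))
```

Neither the extra layer nor the salt slows the recovery here, because every step relies on the primitive itself being one-way.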