[Cryptography] The proper way to hash password files
Hanno Böck
hanno at hboeck.de
Thu May 22 15:06:34 EDT 2014
On Thu, 22 May 2014 13:09:57 -0400
Phillip Hallam-Baker <phill at hallambaker.com> wrote:
> Lots of sackcloth and ashes as EBay loses a password file.
>
> It occurs to me that most of the time, machines do password files
> wrong. Rather than using a salted hash, a better approach would be to
> use a MAC with a randomly chosen key that is never disclosed.
And now how do you guarantee that the key is never disclosed? I mean if
you can do that you can also just make sure the password database gets
never disclosed.
This is the whole point I find annoying about the whole password
hashing / saving debate: Basically, when your database gets stolen
that's one of the worst things that can happen. And no amount of
intelligent storage of passwords will change that.
You can mitigate it a little bit by making password cracking attemps
harder. But you can't change the fact that it's one of the worst things
that could happen. Better try to invest your time in protecting your
database than debating whether scrypt or bcrypt or [insert whatever] is
better.
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140522/5d78f907/attachment.pgp>
More information about the cryptography
mailing list