Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:60812 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 18103 invoked from network); 13 Jun 2012 21:31:39 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 13 Jun 2012 21:31:39 -0000 Authentication-Results: pb1.pair.com header.from=nikita.ppv@googlemail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=nikita.ppv@googlemail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain googlemail.com designates 209.85.160.170 as permitted sender) X-PHP-List-Original-Sender: nikita.ppv@googlemail.com X-Host-Fingerprint: 209.85.160.170 mail-gh0-f170.google.com Received: from [209.85.160.170] ([209.85.160.170:47130] helo=mail-gh0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 8D/16-08889-AB609DF4 for ; Wed, 13 Jun 2012 17:31:38 -0400 Received: by ghbg2 with SMTP id g2so969333ghb.29 for ; Wed, 13 Jun 2012 14:31:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=ojV76RzzrEGjzWAeoZzPE5csD3BdArNQF3Vx/zF6GjM=; b=QHp9c0xdaHPY/yaIVhNp6rLX45lpxn74x3yPEbE+vDG+Rc47eQ2NyrYKmCHpDmYMPO fNwkuQcbu+e3HVEw0siOH+rbzDum4s1uwAaYinBwXDAI22Fkgck5Tsw9RaMor8EfAYft qbUfazByISNhknbGAuuaiJWTaUIjTjqev+CVR8zsYbZR4O4noKmwP/nd+GWW8R6l7YfU lHSSiWFTCvgZ4yxm6iH99OS3p+ESsIA3vClv2ZbRgllhZYOUrGXqBKL2eaphYmv3gdWM nTE4cdtUwaZCQKXwNHbSe2TByUCGK7gEYz3wofYezCrQrHZ50RBPsxfsCUyYqsbYyrda tIQQ== MIME-Version: 1.0 Received: by 10.60.29.72 with SMTP id i8mr23642743oeh.26.1339623095078; Wed, 13 Jun 2012 14:31:35 -0700 (PDT) Received: by 10.182.192.101 with HTTP; Wed, 13 Jun 2012 14:31:35 -0700 (PDT) Date: Wed, 13 Jun 2012 23:31:35 +0200 Message-ID: To: PHP internals Content-Type: text/plain; charset=ISO-8859-1 Subject: Adding a simple API for secure password hashing? From: nikita.ppv@googlemail.com (Nikita Popov) Hi internals! Recent incidents have shown that even very large websites still don't get how to do password hashing properly. The sha1 hashes used by Linkedin et al can be easily cracked even by amateurs without special hardware. What could be the reason for this? Why don't people use bcrypt? It is being recommended already for *years*, but still most people don't seem to make use of it. I think the reason is that it is incredibly hard to use crypt() correctly, mainly for the following reasons: * For many people the syntax is hard to grasp. The hashing algorithm is specified as the salt parameter, which is somewhat non-obvious (at least for me). * The fact that you verify a password using $hash == crypt($password, $hash) is equally non-obvious. * Generating correct salts for bcrypt is quite complicated. It is encoded in some strange base64 format, thus requiring an additional function to create it. Additionally it isn't particularly easy to fetch the random bytes for the salt as you have to check several possibilities for a cross-platform solution (mcrypt initialization vector, openssl, /dev/*random, mt_rand etc). Correctly hashing a password with bcrypt thus requires about a hundred lines of code. So one either has to import a library (and strangely it seems that people don't like to do that!) or has to roll your own (usually implementing some part incorrectly...) Obviously it's somewhat tempting to use a one-liner sha1() hash instead of a hundred line bcrypt hash. So, wouldn't it be better if PHP provided an easy to use API for secure password hashes natively? So you just have to call a single function, which magically handles everything for you (like salt generation). A simple sample API could be two functions password_hash($password) and password_hash_verify($password, $hash). But it could just as well be a fancy, extensible OOP API. I think this would greatly improve the hashing situation for PHP. Thanks, Nikita