Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:60998 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 9019 invoked from network); 27 Jun 2012 13:16:52 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 27 Jun 2012 13:16:52 -0000 Authentication-Results: pb1.pair.com header.from=ircmaxell@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=ircmaxell@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.182 as permitted sender) X-PHP-List-Original-Sender: ircmaxell@gmail.com X-Host-Fingerprint: 209.85.216.182 mail-qc0-f182.google.com Received: from [209.85.216.182] ([209.85.216.182:34624] helo=mail-qc0-f182.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 6E/28-02132-3C70BEF4 for ; Wed, 27 Jun 2012 09:16:52 -0400 Received: by qcsg15 with SMTP id g15so579820qcs.13 for ; Wed, 27 Jun 2012 06:16:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=MwXW+MOtyqgplYG1xVIbHz+DD3PxwlPaNxEE9qlm1ns=; b=VZ2JR4K2kSSx9pUElacyml2WkMnrPtJyVbrJKESZZV0+AFEFBtA29aeGw5dcbJ54NG PH8Sq739hzO2bWm+1eC7I/Nw2ZawqRKim1DQ58PXdB6Dmzaa2lHEbDmXTcmKqtL5v8jJ ki6drwevs6B6Ko6gwNoszUmlqAUsxt+BhISvkX3O+25okvRU3psRjCBaKQNXiKcAVYRT yihHEydlijo6trSHVaFb8OJP5CO21ITFoFiSEWLY22yjbdXpVLzPEt9zJtVP6MvUmdkl DYWfsZ8tTLiuH52gRTIt0uYuw3dJc2eNc6f4YpDkrxavKRMhgcQiQNEhb/oaApcZEONe uJbA== MIME-Version: 1.0 Received: by 10.229.135.4 with SMTP id l4mr8734271qct.39.1340803008629; Wed, 27 Jun 2012 06:16:48 -0700 (PDT) Received: by 10.229.232.11 with HTTP; Wed, 27 Jun 2012 06:16:47 -0700 (PDT) In-Reply-To: <20120627130734.GA17477@openwall.com> References: <20120627092217.GA16399@openwall.com> <20120627130734.GA17477@openwall.com> Date: Wed, 27 Jun 2012 09:16:47 -0400 Message-ID: To: Solar Designer Cc: Pierre Joye , Herman Radtke , Nikita Popov , PHP internals Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: [PHP-DEV] Adding a simple API for secure password hashing? From: ircmaxell@gmail.com (Anthony Ferrara) Alexander, > BTW, what version of PHP introduced the =3D=3D=3D comparison operator? > I guess this should become the minimum version for phpass since this is > highly desirable to use. > > http://www.php.net/manual/en/language.operators.comparison.php does not > say anything about that. > That's been in there for quite some time... I know at least php 5.0 had it (and I'm pretty sure it was 4)... > Thank you for not including other crypt() hashes. =A0I fully support > starting with bcrypt only, and only adding to it if there's something > actually better, not just for the sake of giving more options to a user > who can't make an educated decision. I originally included them, but then it was pointed out that they are weaker, and I was asked *why include them*. when I couldn't answer, I pulled them... > In the same spirit, while I support your proposal to add PBKDF2 to PHP > proper, let's not add a crypt()-like hash encoding based on PBKDF2. > I'd rather not see additional weaker-than-bcrypt hash types in use. > In other words, I oppose your $pbkdf$ thing from PHP-PasswordLib. ;-) I had no plan on adding that to the core... So we're in perfect agreement there... (although in a side-lib, I don't see the harm as long as it's not default). > For that, we'd need to decide on a proper crypt() hash encoding syntax > for scrypt - something Colin chose not to do so far. =A0At the very least= , > we'd need to know and consider his current opinion on the matter. =A0IIRC= , > when I asked in 2010 (in March or April), his reply was that he did not > feel scrypt was mature enough for that (it was about 1 year old at the > time, since 2009). Agree. If I was to add it (I've been thinking about it), I would add it along side hash_pbkdf2 as hash_scrypt(). I would prefer waiting for the standard encoding syntax (so that we're not creating a new one) to include it in crypt(). > It might happen that we come up with another memory-hard function to use > for password hashing before there's an agreed upon hash encoding syntax > for scrypt in particular. =A0To me, this possibility is a reason not to > hurry with introducing such syntax for scrypt. =A0We also need to decide > on an approach to this: > http://www.openwall.com/lists/crypt-dev/2011/05/12/4 > (dealing with the memory requirements with concurrent authentication > requests). =A0Well, maybe just require relatively little memory - way mor= e > than bcrypt, but less than what scrypt was originally designed for. Sure... > Meanwhile, I suggest that we treat scrypt just like we do PBKDF2 - > provide a native function for it as a KDF, but no crypt() hash encoding > syntax for its use for password authentication yet (even though this > might be a more relevant use of it in PHP in the long run). Again, agreed. > Maybe, but if we add scrypt proper then I see little use for Salsa20/8 > on its own. Very true. Was just a thought. > What was the reason why Salsa20 was dropped in 5.4 (it was in 5.3, but > probably not usable for scrypt because of different round count)? I don't know. I was trying to find that out but everywhere I looked turned into a dead end. Thanks, Anthony