Newsgroups: php.internals
Subject: Re: [PHP-DEV] password_hash() best practices
From: cmbecker69@gmx.de (Christoph Becker)
To: Leszek Krupinski
CC: PHP Internals
Date: Wed, 06 May 2015 21:17:51 +0200
Message-ID: <554A68DF.6050403@gmx.de>
References: <554929FC.1010807@gmx.de>
In-Reply-To:

Leszek Krupinski:
> While I agree that the statement "bcrypt is better than PBKDF2, thus only
> bcrypt should be used" is difficult to defend,

Well, at least the StackExchange thread[1] pointed out by Nikita supports the statement.

> I think saying "bcrypt is a homegrown solution, only PBKDF2 is a good way
> to do it" is also wrong and OP is opinionated.

ACK.

> IMO - docs should describe alternatives, without statements "X is better
> than Y", but we also should include PBKDF2 as an option for password_hash()
> - PHP7 is (theoretically, apparently) closed for new features, but we
> should target the next possible version. I'm not sure if we should opt for
> changing the default.

As Nikita has pointed out, there is no standardized crypt-compatible format for PBKDF2, so it seems to be preferable not to add it to password_hash().

> Regarding iteration count: (again, IMO) 1024 is a bit low, but 128000 as a
> default for everyone might be a bit too much.

As I understand it, the iteration count has to be very different for bcrypt and PBKDF2 (the latter requiring many more rounds). Increasing the default cost factor of bcrypt from 10 to 11 or 12 seems to be reasonable, considering that 10 had been chosen nearly two years ago.

[1]

-- 
Christoph M. Becker
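The cost-factor discussion above, as an added example that is not part of the thread and not PHP project code: it calibrates a bcrypt cost for password_hash() against a wall-clock budget, shows how many PBKDF2-HMAC-SHA256 iterations buy the same time on the same machine (which is why the two "iteration counts" are not comparable numbers), and re-hashes a hash stored at the old default cost 10 on the next successful login. The 250 ms budget, the sample password, the fixed PBKDF2 probe salt and the function names are assumptions chosen for illustration; only password_hash(), password_verify(), password_needs_rehash() and hash_pbkdf2() are real PHP functions (PHP >= 5.5).

```php
<?php
// Added example, not code from the thread or from php-src.
// Assumes PHP >= 5.5 (password_hash, password_needs_rehash, hash_pbkdf2).

const TARGET_SECONDS = 0.25;                  // assumed per-login hashing budget
$password = 'correct horse battery staple';   // constructed sample input

/** Seconds taken by one bcrypt hash at the given cost (work doubles per +1). */
function bcryptSeconds($password, $cost)
{
    $start = microtime(true);
    password_hash($password, PASSWORD_BCRYPT, array('cost' => $cost));
    return microtime(true) - $start;
}

/** Smallest bcrypt cost in the valid range 4..31 that meets the time budget. */
function calibrateBcryptCost($password, $targetSeconds)
{
    for ($cost = 4; $cost < 31; $cost++) {
        if (bcryptSeconds($password, $cost) >= $targetSeconds) {
            return $cost;
        }
    }
    return 31;
}

/**
 * PBKDF2-HMAC-SHA256 iteration count that takes about $targetSeconds.
 * PBKDF2 time is linear in the iteration count, so time a probe and scale.
 * The salt is a fixed constructed value only because timing does not depend
 * on it; a real credential store uses a random per-user salt.
 */
function calibratePbkdf2Iterations($password, $targetSeconds)
{
    $probeIterations = 10000;
    $salt = 'constructed-probe-salt-16';
    $start = microtime(true);
    hash_pbkdf2('sha256', $password, $salt, $probeIterations, 0, true);
    $perIteration = (microtime(true) - $start) / $probeIterations;
    return (int) ceil($targetSeconds / $perIteration);
}

/**
 * Verify a login and, on success, transparently upgrade a hash that was
 * stored with a lower cost than the current policy. Returns null on a wrong
 * password, otherwise the hash that should now be stored for the user.
 */
function verifyAndUpgrade($password, $storedHash, $currentCost)
{
    if (!password_verify($password, $storedHash)) {
        return null;
    }
    if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, array('cost' => $currentCost))) {
        return password_hash($password, PASSWORD_BCRYPT, array('cost' => $currentCost));
    }
    return $storedHash;
}

// Never go below the old default of 10 even on a slow box.
$cost = max(10, calibrateBcryptCost($password, TARGET_SECONDS));
$iterations = calibratePbkdf2Iterations($password, TARGET_SECONDS);

printf("bcrypt cost %d  ~%.0f ms per hash\n", $cost, 1000 * bcryptSeconds($password, $cost));
printf("PBKDF2-HMAC-SHA256 needs about %d iterations for the same budget\n", $iterations);

// Migration: a hash stored at cost 10 is upgraded on the next correct login.
$stored = password_hash($password, PASSWORD_BCRYPT, array('cost' => 10));
$upgraded = verifyAndUpgrade($password, $stored, $cost);
printf("stored prefix %s -> new prefix %s\n", substr($stored, 0, 7), substr($upgraded, 0, 7));
```

Run this on the hardware that actually serves logins, not a developer laptop: the resulting bcrypt cost is what belongs in the 'cost' option, and the PBKDF2 number shows why a default such as 1024 or 128000 for one algorithm says nothing about the other. password_needs_rehash() makes the cost bump a no-downtime change, since every stored hash carries its own cost in the "$2y$NN$" prefix.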