SlideShare a Scribd company logo
Password (in)security
How to generate and store passwords
          in a secure way

        by Enrico “cerin0” Zimuel
About me
                                                                 1998
 Enrico “cerin0” Zimuel
 Developer since Texas Instruments TI99/4A
 Research programmer, Informatics institute of UvA (Amsterdam)
 Core team of the open source project Zend Framework
 Co-author of the books “Segreti, Spie Codici Cifrati”, “Come si fa a
usare la firma digitale”, “PHP Best Practices”
 Founder of the PHP User Group Torino
 http://www.zimuel.it
Password



   A password is a secret word or
string of characters that is used for
           authentication.
User perspective:

  How to choose a “secure” password?


   Developer perspective:
How to store a password in a secure way?
Password security



Basically every security system
    is based on password.
When security fails...
linkedin.com


    Hack: 6th June 2012
More than 6 million passwords
     was compromised
      SHA1 password
eharmony.com


     Hack: 6th June 2012
More than 1.5 million passwords
      was compromised
       SHA1 password
last.fm


  Hack: 7th June 2012
? million passwords was
      compromised
     MD5 password
yahoo.com



        Hack: 12th June 2012
 443K passwords was compromised
SQL injection, password in plaintext!
How to choose a “robust”
    user's password
Password (in)security
Some best practices:

●
  No personal information
●
  A long pass phrase is better than a shorter
random jumble of characters
●
  At least 10 characters long
●
  Don't use the same password for everything
●
  Change your password from time to time
http://howsecureismypassword.net/
Developers



Force the user to generate
    robust password
Developers


How to store a password in a
       secure way?
Old school (deprecated)



 Use hash algorithms like
      MD5 or SHA1
New school (deprecated?)



 Use hash algorithm + salt
    (a random string).
Using hash + salt



Prevent dictionary attacks? YES
Prevent brute force attacks? NO
Brute forcing attacks


CPU power is growing (multi-core)
GPU are rendering password security
useless
Use a Cloud system (n-CPU)
Brute forcing with a GPU




             Source: www.nvidia.com
GPU and CUDA


CUDA™ is a parallel computing
platform and programming model
invented by NVIDIA
Extreme GPU Bruteforcer
    using NVIDIA GTS250 ~ $100

Algorithm           Speed              8 chars      9 chars     10 chars
md5($pass)          426 million p/s    6 days       1 year      62 years
md5($pass.$salt)    170 million p/s    14 days      2 ½ years   156 years
sha1($pass)         85 million p/s     29 days      5 years     313 years
sha1($pass.$salt)   80 million p/s     31 days      5 years     332 years


       Password of 62 characters (a-z, A-Z, 0-9)


              Source: http://www.insidepro.com/eng/egb.shtml
IGHASHGPU
              ATI HD 5970 ~ $700

Algorithm      Speed                 8 chars      9 chars   10 chars
md5($pass)     5600 million p/s      10 hours     27 days   4 ½ years
sha1($pass)    2300 million p/s      26 hours     68 days   11 ½ years




       Password of 62 characters (a-z, A-Z, 0-9)


               Source: http://www.golubev.com/hashgpu.htm
Whitepixel
4 Dual HD 5970
~ $2800



Algorithm     Speed                 8 chars      9 chars  10 chars
md5($pass)    33 billion p/s        1 ½ hour     4 ½ days 294 days




       Password of 62 characters (a-z, A-Z, 0-9)
                Source: http://blog.zorinaq.com/?e=42
Secure algorithms for
         password storing


●Hash + salt + stretching (i.e. PBKDF2)
● bcrypt
● scrypt
Hash + salt + stretching


●   Stretching = iterate (hash + salt) n-times

key = ““
for 1 to n­times do
  key = hash(key + password + salt)
How to estimate the
           number of iterations?
●The number of iterations depends on the CPU
speed, should take around 1 sec to be considered
secure

●   For instance, this PHP code:
   <?php
   $key='';
   for ($i=0;$i<NUM_ITERATIONS;$i++) {
    $key= hash('sha512',$key.$salt.$password);
   }

runs in 900 ms with NUM_ITERATIONS= 40'000 using
an Intel Core 2 at 2.1Ghz
PBKDF2

● PBKDF2 (Password-Based Key Derivation Function 2)
is a key derivation function that is part of RSA
Laboratories' Public-Key Cryptography Standards
(PKCS) series, specifically PKCS #5 v2.0
● PBKDF2 applies a pseudorandom function, such as a
cryptographic hash, cipher, or HMAC to the input password
or passphrase along with a salt value and repeats the
process many times to produce a derived key, which can
then be used as a cryptographic key in subsequent
operations
PBKDF2 in PHP
PBKDF2 in PHP (Zend Framework 2.0)
function calc($hash, $password, $salt, $iterations, $length) {
    $num = ceil($length / Hmac::getOutputSize($hash, 
                                             Hmac::OUTPUT_BINARY));
    $result = '';
    for ($block = 1; $block <= $num; $block++) {
       $hmac = Hmac::compute($password, $hash, $salt . pack('N', 
                  $block), Hmac::OUTPUT_BINARY);
       $mix = $hmac;
       for ($i = 1; $i < $iterations; $i++) {
           $hmac = Hmac::compute($password, $hash, $hmac, 
                                 Hmac::OUTPUT_BINARY);
           $mix ^= $hmac;
       }
       $result .= $mix;
    }
    return substr($result, 0, $length);
}
bcrypt

●   http://bcrypt.sourceforge.net/

●   bcrypt uses Blowfish cipher + iterations to generate
secure hash values

● bcrypt is secure against brute force or dictionary
attacks because is slow, very slow (that means attacks
need huge amount of time to be completed)
bcrypt parameters
●The algorithm needs a salt value and a work factor
parameter (cost), which allows you to determine
how expensive the bcrypt function will be

●The cost value depends on the CPU speed, check
on your system! I suggest to set at least 1 second.
bcrypt in PHP
●
    bcrypt is implemented in PHP with the crypt()
    function:
 $salt = substr(str_replace('+', '.',
                base64_encode($salt)), 0, 22);
 $hash = crypt($password,'$2a$'.$cost.'$'.$salt);

●
    For instance, $password= 'thisIsTheSecretPassword' and
    $salt= 'hsjYeg/bxn()%3jdhsGHq0'
     
    aHNqWWVnL2J4bigpJTNqZGhzR0hxMA==$a9c810e9c722af719adabcf50d
    b8a0b4cd0d14e07eddbb43e5f47bde620a3c13

    Green= salt, Red= encrypted password
scrypt
●
    http://www.tarsnap.com/scrypt.html

●
    scrypt is a sequential memory hard algorithm:
     ●
       memory-hard functions require high memory
     ●
       cannot be parallelized efficiently

●
    scrypt uses PBKDF2, HMAC-SHA256, Salsa 20/8 core
scrypt security
“From a test executed on modern (2009) hardware,
if 5 seconds are spent computing a derived key, the
cost of a hardware brute-force attack against scrypt
is roughly 4000 times greater than the cost of a
similar attack against bcrypt (to find the same
password), and 20000 times greater than a similar
attack against Pbkdf2."
                                    Colin Percival
                      (the author of scrypt algorithm)
Conclusion
●
    As user:

Use only “robust” password (e.g. long pass phrase is
better than a shorter random jumble of characters)
Don't use the same password for different services

●
    As developer:

Don't use hash or hash+salt to store a password!
Use hash+salt+stretching (PBKDF2), bcrypt or scrypt
to store your passwords
References
●
    Colin Percival, Stronger Key Derivation via Sequential
    Memory-Hard Functions, presented at BSDCan'09, May 2009
●
    Morris, Robert, Thompson, Ken, Password Security: A Case
    History, Bell Laboratories, 2011
●
    Coda Hale, How to safely store a password, 2010
    http://codahale.com/how-to-safely-store-a-password/
●
    J. Kelsey, B. Schneier, C. Hall, and D. Wagner, Secure
    Applications of Low-Entropy Keys, nformation Security
    Workshop (ISW'97), 1997
●
    Marc Bevand, Whitepixel breaks 28.6 billion password/sec
    http://blog.zorinaq.com/?e=42
●
    Andrew Zonenberg, Distributed Hash Cracker: A Cross-
    Platform GPU-Accelerated Password Recovery System, 2009
Thanks!

  Contacts:
enrico@zimuel.it
   @ezimuel

More Related Content

What's hot

Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
Denis kisina
 
Brute force attack
Brute force attackBrute force attack
Brute force attack
Jamil Ali Ahmed
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
NishaYadav177
 
Application Security
Application SecurityApplication Security
Application Security
florinc
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
Dave Monahan
 
Hacking presentation BASIC
Hacking presentation BASICHacking presentation BASIC
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
Parab Mishra
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
ICT Frame Magazine Pvt. Ltd.
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force tools
zeus7856
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security tools
Vicky Fernandes
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
IGZ Software house
 
presentation on hacking
presentation on hackingpresentation on hacking
presentation on hacking
Ayush Upadhyay
 
One-Time Password
One-Time PasswordOne-Time Password
One-Time Password
Ata Ebrahimi
 
Social engineering
Social engineering Social engineering
Social engineering
Vîñàý Pãtêl
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptography
Perfect Training Center
 
Password Management
Password ManagementPassword Management
Password Management
Davon Smart
 
Two factor authentication 2018
Two factor authentication 2018Two factor authentication 2018
Two factor authentication 2018
Will Adams
 
Password Cracking
Password Cracking Password Cracking
Password Cracking
Sina Manavi
 
Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3
DallasHaselhorst
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute force
vishalgohel12195
 

What's hot (20)

Employee Security Awareness Training
Employee Security Awareness TrainingEmployee Security Awareness Training
Employee Security Awareness Training
 
Brute force attack
Brute force attackBrute force attack
Brute force attack
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
 
Application Security
Application SecurityApplication Security
Application Security
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
 
Hacking presentation BASIC
Hacking presentation BASICHacking presentation BASIC
Hacking presentation BASIC
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
 
Cyber security awareness presentation nepal
Cyber security awareness presentation nepalCyber security awareness presentation nepal
Cyber security awareness presentation nepal
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force tools
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security tools
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
presentation on hacking
presentation on hackingpresentation on hacking
presentation on hacking
 
One-Time Password
One-Time PasswordOne-Time Password
One-Time Password
 
Social engineering
Social engineering Social engineering
Social engineering
 
Basic cryptography
Basic cryptographyBasic cryptography
Basic cryptography
 
Password Management
Password ManagementPassword Management
Password Management
 
Two factor authentication 2018
Two factor authentication 2018Two factor authentication 2018
Two factor authentication 2018
 
Password Cracking
Password Cracking Password Cracking
Password Cracking
 
Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3Cybersecurity Awareness Training Presentation v1.3
Cybersecurity Awareness Training Presentation v1.3
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute force
 

Viewers also liked

Presentatie: "Strategische Informatiebeveiliging"
Presentatie: "Strategische Informatiebeveiliging"Presentatie: "Strategische Informatiebeveiliging"
Presentatie: "Strategische Informatiebeveiliging"
cpi_news
 
Presentaties seminar sleutel tot succes
Presentaties   seminar sleutel tot succesPresentaties   seminar sleutel tot succes
Presentaties seminar sleutel tot succes
Joan Tuls
 
Leveranciersbijeenkomst informatievoorziening sociaaldomein
Leveranciersbijeenkomst informatievoorziening sociaaldomeinLeveranciersbijeenkomst informatievoorziening sociaaldomein
Leveranciersbijeenkomst informatievoorziening sociaaldomein
KING
 
LRQA Congres 2014: 15 mei 15:45 - 16:10 Praktijkcase: informatiebeveiliging i...
LRQA Congres 2014: 15 mei 15:45 - 16:10 Praktijkcase: informatiebeveiliging i...LRQA Congres 2014: 15 mei 15:45 - 16:10 Praktijkcase: informatiebeveiliging i...
LRQA Congres 2014: 15 mei 15:45 - 16:10 Praktijkcase: informatiebeveiliging i...
Lloyd's Register Quality Assurance Nederland
 
Photography
PhotographyPhotography
Photography
Edenbaxendale
 
Leveranciersbijeenkomst programma van eisen
Leveranciersbijeenkomst programma van eisenLeveranciersbijeenkomst programma van eisen
Leveranciersbijeenkomst programma van eisen
KING
 
Workinprogress - Informatieveiligheid voor uw gemeente
Workinprogress - Informatieveiligheid voor uw gemeenteWorkinprogress - Informatieveiligheid voor uw gemeente
Workinprogress - Informatieveiligheid voor uw gemeente
KING
 
Persoonlijke Leeromgevingen
Persoonlijke LeeromgevingenPersoonlijke Leeromgevingen
Persoonlijke Leeromgevingen
openwebschool
 
CLP workshop 2 - Controleren van leveranciers
CLP workshop 2 - Controleren van leveranciersCLP workshop 2 - Controleren van leveranciers
CLP workshop 2 - Controleren van leveranciers
Ecomatters
 
Workin progress2015 gemeentebrede_informatiebeveiliging
Workin progress2015 gemeentebrede_informatiebeveiligingWorkin progress2015 gemeentebrede_informatiebeveiliging
Workin progress2015 gemeentebrede_informatiebeveiliging
KING
 

Viewers also liked (10)

Presentatie: "Strategische Informatiebeveiliging"
Presentatie: "Strategische Informatiebeveiliging"Presentatie: "Strategische Informatiebeveiliging"
Presentatie: "Strategische Informatiebeveiliging"
 
Presentaties seminar sleutel tot succes
Presentaties   seminar sleutel tot succesPresentaties   seminar sleutel tot succes
Presentaties seminar sleutel tot succes
 
Leveranciersbijeenkomst informatievoorziening sociaaldomein
Leveranciersbijeenkomst informatievoorziening sociaaldomeinLeveranciersbijeenkomst informatievoorziening sociaaldomein
Leveranciersbijeenkomst informatievoorziening sociaaldomein
 
LRQA Congres 2014: 15 mei 15:45 - 16:10 Praktijkcase: informatiebeveiliging i...
LRQA Congres 2014: 15 mei 15:45 - 16:10 Praktijkcase: informatiebeveiliging i...LRQA Congres 2014: 15 mei 15:45 - 16:10 Praktijkcase: informatiebeveiliging i...
LRQA Congres 2014: 15 mei 15:45 - 16:10 Praktijkcase: informatiebeveiliging i...
 
Photography
PhotographyPhotography
Photography
 
Leveranciersbijeenkomst programma van eisen
Leveranciersbijeenkomst programma van eisenLeveranciersbijeenkomst programma van eisen
Leveranciersbijeenkomst programma van eisen
 
Workinprogress - Informatieveiligheid voor uw gemeente
Workinprogress - Informatieveiligheid voor uw gemeenteWorkinprogress - Informatieveiligheid voor uw gemeente
Workinprogress - Informatieveiligheid voor uw gemeente
 
Persoonlijke Leeromgevingen
Persoonlijke LeeromgevingenPersoonlijke Leeromgevingen
Persoonlijke Leeromgevingen
 
CLP workshop 2 - Controleren van leveranciers
CLP workshop 2 - Controleren van leveranciersCLP workshop 2 - Controleren van leveranciers
CLP workshop 2 - Controleren van leveranciers
 
Workin progress2015 gemeentebrede_informatiebeveiliging
Workin progress2015 gemeentebrede_informatiebeveiligingWorkin progress2015 gemeentebrede_informatiebeveiliging
Workin progress2015 gemeentebrede_informatiebeveiliging
 

Similar to Password (in)security

Cryptography with Zend Framework
Cryptography with Zend FrameworkCryptography with Zend Framework
Cryptography with Zend Framework
Enrico Zimuel
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
Svetlin Nakov
 
Django cryptography
Django cryptographyDjango cryptography
Django cryptography
Erik LaBianca
 
Cryptography in PHP: Some Use Cases
Cryptography in PHP: Some Use CasesCryptography in PHP: Some Use Cases
Cryptography in PHP: Some Use Cases
Zend by Rogue Wave Software
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHP
Enrico Zimuel
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
Iftach Ian Amit
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHP
Anthony Ferrara
 
[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey Gordeychik
[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey Gordeychik[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey Gordeychik
[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey Gordeychik
CODE BLUE
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
Nipun Joshi
 
Eight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsEight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programs
Aleksandr Yampolskiy
 
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Svetlin Nakov
 
Using Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsUsing Cryptography Properly in Applications
Using Cryptography Properly in Applications
Great Wide Open
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
Anthony Ferrara
 
Api Design
Api DesignApi Design
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
POSSCON
 
Improving password-based authentication
Improving password-based authenticationImproving password-based authentication
Improving password-based authentication
Frank Denis
 
How-to crack 43kk passwords while drinking your juice/smoozie in the Hood
How-to crack 43kk passwords  while drinking your  juice/smoozie in the HoodHow-to crack 43kk passwords  while drinking your  juice/smoozie in the Hood
How-to crack 43kk passwords while drinking your juice/smoozie in the Hood
Yurii Bilyk
 
How does cryptography work? by Jeroen Ooms
How does cryptography work?  by Jeroen OomsHow does cryptography work?  by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
Ajay Ohri
 
Top Ten Java Defense for Web Applications v2
Top Ten Java Defense for Web Applications v2Top Ten Java Defense for Web Applications v2
Top Ten Java Defense for Web Applications v2
Jim Manico
 
Reutov, yunusov, nagibin random numbers take ii
Reutov, yunusov, nagibin   random numbers take iiReutov, yunusov, nagibin   random numbers take ii
Reutov, yunusov, nagibin random numbers take ii
DefconRussia
 

Similar to Password (in)security (20)

Cryptography with Zend Framework
Cryptography with Zend FrameworkCryptography with Zend Framework
Cryptography with Zend Framework
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
 
Django cryptography
Django cryptographyDjango cryptography
Django cryptography
 
Cryptography in PHP: Some Use Cases
Cryptography in PHP: Some Use CasesCryptography in PHP: Some Use Cases
Cryptography in PHP: Some Use Cases
 
Strong cryptography in PHP
Strong cryptography in PHPStrong cryptography in PHP
Strong cryptography in PHP
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHP
 
[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey Gordeychik
[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey Gordeychik[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey Gordeychik
[CB20] Vulnerabilities of Machine Learning Infrastructure by Sergey Gordeychik
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Eight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programsEight simple rules to writing secure PHP programs
Eight simple rules to writing secure PHP programs
 
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
 
Using Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsUsing Cryptography Properly in Applications
Using Cryptography Properly in Applications
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
 
Api Design
Api DesignApi Design
Api Design
 
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
How to Use Cryptography Properly: The Common Mistakes People Make When Using ...
 
Improving password-based authentication
Improving password-based authenticationImproving password-based authentication
Improving password-based authentication
 
How-to crack 43kk passwords while drinking your juice/smoozie in the Hood
How-to crack 43kk passwords  while drinking your  juice/smoozie in the HoodHow-to crack 43kk passwords  while drinking your  juice/smoozie in the Hood
How-to crack 43kk passwords while drinking your juice/smoozie in the Hood
 
How does cryptography work? by Jeroen Ooms
How does cryptography work?  by Jeroen OomsHow does cryptography work?  by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
 
Top Ten Java Defense for Web Applications v2
Top Ten Java Defense for Web Applications v2Top Ten Java Defense for Web Applications v2
Top Ten Java Defense for Web Applications v2
 
Reutov, yunusov, nagibin random numbers take ii
Reutov, yunusov, nagibin   random numbers take iiReutov, yunusov, nagibin   random numbers take ii
Reutov, yunusov, nagibin random numbers take ii
 

More from Enrico Zimuel

Integrare Zend Framework in Wordpress
Integrare Zend Framework in WordpressIntegrare Zend Framework in Wordpress
Integrare Zend Framework in Wordpress
Enrico Zimuel
 
Quick start on Zend Framework 2
Quick start on Zend Framework 2Quick start on Zend Framework 2
Quick start on Zend Framework 2
Enrico Zimuel
 
Introduzione alla Posta Elettronica Certificata (PEC): le regole tecniche
Introduzione alla Posta Elettronica Certificata (PEC): le regole tecnicheIntroduzione alla Posta Elettronica Certificata (PEC): le regole tecniche
Introduzione alla Posta Elettronica Certificata (PEC): le regole tecniche
Enrico Zimuel
 
A quick start on Zend Framework 2
A quick start on Zend Framework 2A quick start on Zend Framework 2
A quick start on Zend Framework 2
Enrico Zimuel
 
Zend Framework 2 quick start
Zend Framework 2 quick startZend Framework 2 quick start
Zend Framework 2 quick start
Enrico Zimuel
 
PHP goes mobile
PHP goes mobilePHP goes mobile
PHP goes mobile
Enrico Zimuel
 
Zend Framework 2
Zend Framework 2Zend Framework 2
Zend Framework 2
Enrico Zimuel
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
Enrico Zimuel
 
Manage cloud infrastructures in PHP using Zend Framework 2 (and 1)
Manage cloud infrastructures in PHP using Zend Framework 2 (and 1)Manage cloud infrastructures in PHP using Zend Framework 2 (and 1)
Manage cloud infrastructures in PHP using Zend Framework 2 (and 1)
Enrico Zimuel
 
Manage cloud infrastructures using Zend Framework 2 (and ZF1)
Manage cloud infrastructures using Zend Framework 2 (and ZF1)Manage cloud infrastructures using Zend Framework 2 (and ZF1)
Manage cloud infrastructures using Zend Framework 2 (and ZF1)
Enrico Zimuel
 
Framework software e Zend Framework
Framework software e Zend FrameworkFramework software e Zend Framework
Framework software e Zend Framework
Enrico Zimuel
 
How to scale PHP applications
How to scale PHP applicationsHow to scale PHP applications
How to scale PHP applications
Enrico Zimuel
 
Velocizzare Joomla! con Zend Server Community Edition
Velocizzare Joomla! con Zend Server Community EditionVelocizzare Joomla! con Zend Server Community Edition
Velocizzare Joomla! con Zend Server Community Edition
Enrico Zimuel
 
Zend_Cache: how to improve the performance of PHP applications
Zend_Cache: how to improve the performance of PHP applicationsZend_Cache: how to improve the performance of PHP applications
Zend_Cache: how to improve the performance of PHP applications
Enrico Zimuel
 
XCheck a benchmark checker for XML query processors
XCheck a benchmark checker for XML query processorsXCheck a benchmark checker for XML query processors
XCheck a benchmark checker for XML query processors
Enrico Zimuel
 
Introduzione alle tabelle hash
Introduzione alle tabelle hashIntroduzione alle tabelle hash
Introduzione alle tabelle hash
Enrico Zimuel
 
Crittografia quantistica: fantascienza o realtà?
Crittografia quantistica: fantascienza o realtà?Crittografia quantistica: fantascienza o realtà?
Crittografia quantistica: fantascienza o realtà?
Enrico Zimuel
 
Introduzione alla crittografia
Introduzione alla crittografiaIntroduzione alla crittografia
Introduzione alla crittografia
Enrico Zimuel
 
Crittografia è sinonimo di sicurezza?
Crittografia è sinonimo di sicurezza?Crittografia è sinonimo di sicurezza?
Crittografia è sinonimo di sicurezza?
Enrico Zimuel
 
Sviluppo di applicazioni sicure
Sviluppo di applicazioni sicureSviluppo di applicazioni sicure
Sviluppo di applicazioni sicure
Enrico Zimuel
 

More from Enrico Zimuel (20)

Integrare Zend Framework in Wordpress
Integrare Zend Framework in WordpressIntegrare Zend Framework in Wordpress
Integrare Zend Framework in Wordpress
 
Quick start on Zend Framework 2
Quick start on Zend Framework 2Quick start on Zend Framework 2
Quick start on Zend Framework 2
 
Introduzione alla Posta Elettronica Certificata (PEC): le regole tecniche
Introduzione alla Posta Elettronica Certificata (PEC): le regole tecnicheIntroduzione alla Posta Elettronica Certificata (PEC): le regole tecniche
Introduzione alla Posta Elettronica Certificata (PEC): le regole tecniche
 
A quick start on Zend Framework 2
A quick start on Zend Framework 2A quick start on Zend Framework 2
A quick start on Zend Framework 2
 
Zend Framework 2 quick start
Zend Framework 2 quick startZend Framework 2 quick start
Zend Framework 2 quick start
 
PHP goes mobile
PHP goes mobilePHP goes mobile
PHP goes mobile
 
Zend Framework 2
Zend Framework 2Zend Framework 2
Zend Framework 2
 
Cryptography in PHP: use cases
Cryptography in PHP: use casesCryptography in PHP: use cases
Cryptography in PHP: use cases
 
Manage cloud infrastructures in PHP using Zend Framework 2 (and 1)
Manage cloud infrastructures in PHP using Zend Framework 2 (and 1)Manage cloud infrastructures in PHP using Zend Framework 2 (and 1)
Manage cloud infrastructures in PHP using Zend Framework 2 (and 1)
 
Manage cloud infrastructures using Zend Framework 2 (and ZF1)
Manage cloud infrastructures using Zend Framework 2 (and ZF1)Manage cloud infrastructures using Zend Framework 2 (and ZF1)
Manage cloud infrastructures using Zend Framework 2 (and ZF1)
 
Framework software e Zend Framework
Framework software e Zend FrameworkFramework software e Zend Framework
Framework software e Zend Framework
 
How to scale PHP applications
How to scale PHP applicationsHow to scale PHP applications
How to scale PHP applications
 
Velocizzare Joomla! con Zend Server Community Edition
Velocizzare Joomla! con Zend Server Community EditionVelocizzare Joomla! con Zend Server Community Edition
Velocizzare Joomla! con Zend Server Community Edition
 
Zend_Cache: how to improve the performance of PHP applications
Zend_Cache: how to improve the performance of PHP applicationsZend_Cache: how to improve the performance of PHP applications
Zend_Cache: how to improve the performance of PHP applications
 
XCheck a benchmark checker for XML query processors
XCheck a benchmark checker for XML query processorsXCheck a benchmark checker for XML query processors
XCheck a benchmark checker for XML query processors
 
Introduzione alle tabelle hash
Introduzione alle tabelle hashIntroduzione alle tabelle hash
Introduzione alle tabelle hash
 
Crittografia quantistica: fantascienza o realtà?
Crittografia quantistica: fantascienza o realtà?Crittografia quantistica: fantascienza o realtà?
Crittografia quantistica: fantascienza o realtà?
 
Introduzione alla crittografia
Introduzione alla crittografiaIntroduzione alla crittografia
Introduzione alla crittografia
 
Crittografia è sinonimo di sicurezza?
Crittografia è sinonimo di sicurezza?Crittografia è sinonimo di sicurezza?
Crittografia è sinonimo di sicurezza?
 
Sviluppo di applicazioni sicure
Sviluppo di applicazioni sicureSviluppo di applicazioni sicure
Sviluppo di applicazioni sicure
 

Recently uploaded

Who is Vinod Adani? The Motivational Speaker & Business Coach
Who is Vinod Adani? The Motivational Speaker & Business CoachWho is Vinod Adani? The Motivational Speaker & Business Coach
Who is Vinod Adani? The Motivational Speaker & Business Coach
Vinod Adani
 
7 Habits for Faithful Living: A Christian's Guide to Covey's Principles_7
7 Habits for Faithful Living: A Christian's Guide to Covey's Principles_77 Habits for Faithful Living: A Christian's Guide to Covey's Principles_7
7 Habits for Faithful Living: A Christian's Guide to Covey's Principles_7
earthsalt1
 
VIP Varanasi Girls Call Varanasi 0X0000000X Doorstep High-Profile Girl Servic...
VIP Varanasi Girls Call Varanasi 0X0000000X Doorstep High-Profile Girl Servic...VIP Varanasi Girls Call Varanasi 0X0000000X Doorstep High-Profile Girl Servic...
VIP Varanasi Girls Call Varanasi 0X0000000X Doorstep High-Profile Girl Servic...
shalvikaprincessparv
 
ENG 871 STUDIES IN WRITTEN AFRICAN POETRY.pdf
ENG 871 STUDIES IN WRITTEN AFRICAN POETRY.pdfENG 871 STUDIES IN WRITTEN AFRICAN POETRY.pdf
ENG 871 STUDIES IN WRITTEN AFRICAN POETRY.pdf
AfiaKwaahMensah1
 
Understanding Anxiety By JR Psychology Clinic.pdf
Understanding Anxiety By JR Psychology Clinic.pdfUnderstanding Anxiety By JR Psychology Clinic.pdf
Understanding Anxiety By JR Psychology Clinic.pdf
jaysonromau
 
7 Rules For A Successful Life presentation by Rohit Chandra Thakur
7 Rules For A Successful Life presentation by Rohit Chandra Thakur7 Rules For A Successful Life presentation by Rohit Chandra Thakur
7 Rules For A Successful Life presentation by Rohit Chandra Thakur
Rohit Chandra
 
Mysore Girls Call Mysore 0X0000000X Unlimited Short Providing Girls Service A...
Mysore Girls Call Mysore 0X0000000X Unlimited Short Providing Girls Service A...Mysore Girls Call Mysore 0X0000000X Unlimited Short Providing Girls Service A...
Mysore Girls Call Mysore 0X0000000X Unlimited Short Providing Girls Service A...
rachitkumar09887
 
The Laws of Human Nature Robert Greene is a master guide
The Laws of Human Nature Robert Greene is a master guideThe Laws of Human Nature Robert Greene is a master guide
The Laws of Human Nature Robert Greene is a master guide
MalothuRajarao
 
Nipissing University degree Cert offer diploma Transcripta
Nipissing University degree Cert offer diploma Transcripta Nipissing University degree Cert offer diploma Transcripta
Nipissing University degree Cert offer diploma Transcripta
keowaxu
 
The thinking journey preview. It shows 33 pages out of the 416 pages whole book.
The thinking journey preview. It shows 33 pages out of the 416 pages whole book.The thinking journey preview. It shows 33 pages out of the 416 pages whole book.
The thinking journey preview. It shows 33 pages out of the 416 pages whole book.
Growingthinkers
 
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
rajvarma123614
 
For all the dogs and idiots that play with me
For all the dogs and idiots that play with meFor all the dogs and idiots that play with me
For all the dogs and idiots that play with me
salmi ewwww
 
Vadodara Girls Call Vadodara 0X0000000X Unlimited Short Providing Girls Servi...
Vadodara Girls Call Vadodara 0X0000000X Unlimited Short Providing Girls Servi...Vadodara Girls Call Vadodara 0X0000000X Unlimited Short Providing Girls Servi...
Vadodara Girls Call Vadodara 0X0000000X Unlimited Short Providing Girls Servi...
rachitkumar09887
 
glossary of life terms for life insurance.pdf
glossary of life terms for life insurance.pdfglossary of life terms for life insurance.pdf
glossary of life terms for life insurance.pdf
nsprasad4
 
UIUC Cert degree offer diploma
UIUC Cert degree offer diploma UIUC Cert degree offer diploma
UIUC Cert degree offer diploma
dcyvsyc
 
Develop a Winning Business Strategy by Vinod Adani.pptx
Develop a Winning Business Strategy by Vinod Adani.pptxDevelop a Winning Business Strategy by Vinod Adani.pptx
Develop a Winning Business Strategy by Vinod Adani.pptx
Vinod Adani
 
Ethics and Values: A Note on Comparison of Similarities and Differences
Ethics and Values: A Note on Comparison of Similarities and DifferencesEthics and Values: A Note on Comparison of Similarities and Differences
Ethics and Values: A Note on Comparison of Similarities and Differences
Satjitkumar
 
What Are Machiavellianism, Psychopathy, and Narcissism?
What Are Machiavellianism, Psychopathy, and Narcissism?What Are Machiavellianism, Psychopathy, and Narcissism?
What Are Machiavellianism, Psychopathy, and Narcissism?
digitalsole
 
High Profile Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Ser...
High Profile Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Ser...High Profile Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Ser...
High Profile Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Ser...
shanihomely
 
Attestato Masterclass Kaospilot - The Art & Craft of Designing & Facilitating...
Attestato Masterclass Kaospilot - The Art & Craft of Designing & Facilitating...Attestato Masterclass Kaospilot - The Art & Craft of Designing & Facilitating...
Attestato Masterclass Kaospilot - The Art & Craft of Designing & Facilitating...
Salvatore Cordiano
 

Recently uploaded (20)

Who is Vinod Adani? The Motivational Speaker & Business Coach
Who is Vinod Adani? The Motivational Speaker & Business CoachWho is Vinod Adani? The Motivational Speaker & Business Coach
Who is Vinod Adani? The Motivational Speaker & Business Coach
 
7 Habits for Faithful Living: A Christian's Guide to Covey's Principles_7
7 Habits for Faithful Living: A Christian's Guide to Covey's Principles_77 Habits for Faithful Living: A Christian's Guide to Covey's Principles_7
7 Habits for Faithful Living: A Christian's Guide to Covey's Principles_7
 
VIP Varanasi Girls Call Varanasi 0X0000000X Doorstep High-Profile Girl Servic...
VIP Varanasi Girls Call Varanasi 0X0000000X Doorstep High-Profile Girl Servic...VIP Varanasi Girls Call Varanasi 0X0000000X Doorstep High-Profile Girl Servic...
VIP Varanasi Girls Call Varanasi 0X0000000X Doorstep High-Profile Girl Servic...
 
ENG 871 STUDIES IN WRITTEN AFRICAN POETRY.pdf
ENG 871 STUDIES IN WRITTEN AFRICAN POETRY.pdfENG 871 STUDIES IN WRITTEN AFRICAN POETRY.pdf
ENG 871 STUDIES IN WRITTEN AFRICAN POETRY.pdf
 
Understanding Anxiety By JR Psychology Clinic.pdf
Understanding Anxiety By JR Psychology Clinic.pdfUnderstanding Anxiety By JR Psychology Clinic.pdf
Understanding Anxiety By JR Psychology Clinic.pdf
 
7 Rules For A Successful Life presentation by Rohit Chandra Thakur
7 Rules For A Successful Life presentation by Rohit Chandra Thakur7 Rules For A Successful Life presentation by Rohit Chandra Thakur
7 Rules For A Successful Life presentation by Rohit Chandra Thakur
 
Mysore Girls Call Mysore 0X0000000X Unlimited Short Providing Girls Service A...
Mysore Girls Call Mysore 0X0000000X Unlimited Short Providing Girls Service A...Mysore Girls Call Mysore 0X0000000X Unlimited Short Providing Girls Service A...
Mysore Girls Call Mysore 0X0000000X Unlimited Short Providing Girls Service A...
 
The Laws of Human Nature Robert Greene is a master guide
The Laws of Human Nature Robert Greene is a master guideThe Laws of Human Nature Robert Greene is a master guide
The Laws of Human Nature Robert Greene is a master guide
 
Nipissing University degree Cert offer diploma Transcripta
Nipissing University degree Cert offer diploma Transcripta Nipissing University degree Cert offer diploma Transcripta
Nipissing University degree Cert offer diploma Transcripta
 
The thinking journey preview. It shows 33 pages out of the 416 pages whole book.
The thinking journey preview. It shows 33 pages out of the 416 pages whole book.The thinking journey preview. It shows 33 pages out of the 416 pages whole book.
The thinking journey preview. It shows 33 pages out of the 416 pages whole book.
 
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
High Girls Call Chennai 000XX00000 Provide Best And Top Girl Service And No1 ...
 
For all the dogs and idiots that play with me
For all the dogs and idiots that play with meFor all the dogs and idiots that play with me
For all the dogs and idiots that play with me
 
Vadodara Girls Call Vadodara 0X0000000X Unlimited Short Providing Girls Servi...
Vadodara Girls Call Vadodara 0X0000000X Unlimited Short Providing Girls Servi...Vadodara Girls Call Vadodara 0X0000000X Unlimited Short Providing Girls Servi...
Vadodara Girls Call Vadodara 0X0000000X Unlimited Short Providing Girls Servi...
 
glossary of life terms for life insurance.pdf
glossary of life terms for life insurance.pdfglossary of life terms for life insurance.pdf
glossary of life terms for life insurance.pdf
 
UIUC Cert degree offer diploma
UIUC Cert degree offer diploma UIUC Cert degree offer diploma
UIUC Cert degree offer diploma
 
Develop a Winning Business Strategy by Vinod Adani.pptx
Develop a Winning Business Strategy by Vinod Adani.pptxDevelop a Winning Business Strategy by Vinod Adani.pptx
Develop a Winning Business Strategy by Vinod Adani.pptx
 
Ethics and Values: A Note on Comparison of Similarities and Differences
Ethics and Values: A Note on Comparison of Similarities and DifferencesEthics and Values: A Note on Comparison of Similarities and Differences
Ethics and Values: A Note on Comparison of Similarities and Differences
 
What Are Machiavellianism, Psychopathy, and Narcissism?
What Are Machiavellianism, Psychopathy, and Narcissism?What Are Machiavellianism, Psychopathy, and Narcissism?
What Are Machiavellianism, Psychopathy, and Narcissism?
 
High Profile Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Ser...
High Profile Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Ser...High Profile Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Ser...
High Profile Girls Call Mumbai 🎈🔥9930687706 🔥💋🎈 Provide Best And Top Girl Ser...
 
Attestato Masterclass Kaospilot - The Art & Craft of Designing & Facilitating...
Attestato Masterclass Kaospilot - The Art & Craft of Designing & Facilitating...Attestato Masterclass Kaospilot - The Art & Craft of Designing & Facilitating...
Attestato Masterclass Kaospilot - The Art & Craft of Designing & Facilitating...
 

Password (in)security

  • 1. Password (in)security How to generate and store passwords in a secure way by Enrico “cerin0” Zimuel
  • 2. About me 1998 Enrico “cerin0” Zimuel Developer since Texas Instruments TI99/4A Research programmer, Informatics institute of UvA (Amsterdam) Core team of the open source project Zend Framework Co-author of the books “Segreti, Spie Codici Cifrati”, “Come si fa a usare la firma digitale”, “PHP Best Practices” Founder of the PHP User Group Torino http://www.zimuel.it
  • 3. Password A password is a secret word or string of characters that is used for authentication.
  • 4. User perspective: How to choose a “secure” password? Developer perspective: How to store a password in a secure way?
  • 5. Password security Basically every security system is based on password.
  • 7. linkedin.com Hack: 6th June 2012 More than 6 million passwords was compromised SHA1 password
  • 8. eharmony.com Hack: 6th June 2012 More than 1.5 million passwords was compromised SHA1 password
  • 9. last.fm Hack: 7th June 2012 ? million passwords was compromised MD5 password
  • 10. yahoo.com Hack: 12th June 2012 443K passwords was compromised SQL injection, password in plaintext!
  • 11. How to choose a “robust” user's password
  • 13. Some best practices: ● No personal information ● A long pass phrase is better than a shorter random jumble of characters ● At least 10 characters long ● Don't use the same password for everything ● Change your password from time to time
  • 15. Developers Force the user to generate robust password
  • 16. Developers How to store a password in a secure way?
  • 17. Old school (deprecated) Use hash algorithms like MD5 or SHA1
  • 18. New school (deprecated?) Use hash algorithm + salt (a random string).
  • 19. Using hash + salt Prevent dictionary attacks? YES Prevent brute force attacks? NO
  • 20. Brute forcing attacks CPU power is growing (multi-core) GPU are rendering password security useless Use a Cloud system (n-CPU)
  • 21. Brute forcing with a GPU Source: www.nvidia.com
  • 22. GPU and CUDA CUDA™ is a parallel computing platform and programming model invented by NVIDIA
  • 23. Extreme GPU Bruteforcer using NVIDIA GTS250 ~ $100 Algorithm Speed 8 chars 9 chars 10 chars md5($pass) 426 million p/s 6 days 1 year 62 years md5($pass.$salt) 170 million p/s 14 days 2 ½ years 156 years sha1($pass) 85 million p/s 29 days 5 years 313 years sha1($pass.$salt) 80 million p/s 31 days 5 years 332 years Password of 62 characters (a-z, A-Z, 0-9) Source: http://www.insidepro.com/eng/egb.shtml
  • 24. IGHASHGPU ATI HD 5970 ~ $700 Algorithm Speed 8 chars 9 chars 10 chars md5($pass) 5600 million p/s 10 hours 27 days 4 ½ years sha1($pass) 2300 million p/s 26 hours 68 days 11 ½ years Password of 62 characters (a-z, A-Z, 0-9) Source: http://www.golubev.com/hashgpu.htm
  • 25. Whitepixel 4 Dual HD 5970 ~ $2800 Algorithm Speed 8 chars 9 chars 10 chars md5($pass) 33 billion p/s 1 ½ hour 4 ½ days 294 days Password of 62 characters (a-z, A-Z, 0-9) Source: http://blog.zorinaq.com/?e=42
  • 26. Secure algorithms for password storing ●Hash + salt + stretching (i.e. PBKDF2) ● bcrypt ● scrypt
  • 27. Hash + salt + stretching ● Stretching = iterate (hash + salt) n-times key = ““ for 1 to n­times do   key = hash(key + password + salt)
  • 28. How to estimate the number of iterations? ●The number of iterations depends on the CPU speed, should take around 1 sec to be considered secure ● For instance, this PHP code: <?php $key=''; for ($i=0;$i<NUM_ITERATIONS;$i++) {     $key= hash('sha512',$key.$salt.$password); } runs in 900 ms with NUM_ITERATIONS= 40'000 using an Intel Core 2 at 2.1Ghz
  • 29. PBKDF2 ● PBKDF2 (Password-Based Key Derivation Function 2) is a key derivation function that is part of RSA Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically PKCS #5 v2.0 ● PBKDF2 applies a pseudorandom function, such as a cryptographic hash, cipher, or HMAC to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations
  • 30. PBKDF2 in PHP PBKDF2 in PHP (Zend Framework 2.0) function calc($hash, $password, $salt, $iterations, $length) { $num = ceil($length / Hmac::getOutputSize($hash,  Hmac::OUTPUT_BINARY)); $result = ''; for ($block = 1; $block <= $num; $block++) { $hmac = Hmac::compute($password, $hash, $salt . pack('N',  $block), Hmac::OUTPUT_BINARY);     $mix = $hmac;     for ($i = 1; $i < $iterations; $i++) {     $hmac = Hmac::compute($password, $hash, $hmac,    Hmac::OUTPUT_BINARY);     $mix ^= $hmac;     }     $result .= $mix; } return substr($result, 0, $length); }
  • 31. bcrypt ● http://bcrypt.sourceforge.net/ ● bcrypt uses Blowfish cipher + iterations to generate secure hash values ● bcrypt is secure against brute force or dictionary attacks because is slow, very slow (that means attacks need huge amount of time to be completed)
  • 32. bcrypt parameters ●The algorithm needs a salt value and a work factor parameter (cost), which allows you to determine how expensive the bcrypt function will be ●The cost value depends on the CPU speed, check on your system! I suggest to set at least 1 second.
  • 33. bcrypt in PHP ● bcrypt is implemented in PHP with the crypt() function: $salt = substr(str_replace('+', '.',                 base64_encode($salt)), 0, 22);  $hash = crypt($password,'$2a$'.$cost.'$'.$salt); ● For instance, $password= 'thisIsTheSecretPassword' and $salt= 'hsjYeg/bxn()%3jdhsGHq0'   aHNqWWVnL2J4bigpJTNqZGhzR0hxMA==$a9c810e9c722af719adabcf50d b8a0b4cd0d14e07eddbb43e5f47bde620a3c13 Green= salt, Red= encrypted password
  • 34. scrypt ● http://www.tarsnap.com/scrypt.html ● scrypt is a sequential memory hard algorithm: ● memory-hard functions require high memory ● cannot be parallelized efficiently ● scrypt uses PBKDF2, HMAC-SHA256, Salsa 20/8 core
  • 35. scrypt security “From a test executed on modern (2009) hardware, if 5 seconds are spent computing a derived key, the cost of a hardware brute-force attack against scrypt is roughly 4000 times greater than the cost of a similar attack against bcrypt (to find the same password), and 20000 times greater than a similar attack against Pbkdf2." Colin Percival (the author of scrypt algorithm)
  • 36. Conclusion ● As user: Use only “robust” password (e.g. long pass phrase is better than a shorter random jumble of characters) Don't use the same password for different services ● As developer: Don't use hash or hash+salt to store a password! Use hash+salt+stretching (PBKDF2), bcrypt or scrypt to store your passwords
  • 37. References ● Colin Percival, Stronger Key Derivation via Sequential Memory-Hard Functions, presented at BSDCan'09, May 2009 ● Morris, Robert, Thompson, Ken, Password Security: A Case History, Bell Laboratories, 2011 ● Coda Hale, How to safely store a password, 2010 http://codahale.com/how-to-safely-store-a-password/ ● J. Kelsey, B. Schneier, C. Hall, and D. Wagner, Secure Applications of Low-Entropy Keys, nformation Security Workshop (ISW'97), 1997 ● Marc Bevand, Whitepixel breaks 28.6 billion password/sec http://blog.zorinaq.com/?e=42 ● Andrew Zonenberg, Distributed Hash Cracker: A Cross- Platform GPU-Accelerated Password Recovery System, 2009