PHP 的 password_hash():public 一次性盐与私人固定盐
PHP's password_hash(): public one-time salt vs. private fixed salt
PHP password_hash() (http://php.net/manual/en/function.password-hash.php) 手册说:
The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it.
我的问题是:为什么?
我在另一个 SO 答案中读到这个:(Static Salt vs Random Salt - Security PHP)
Random salts have a tremendous benefit. If all accounts in the system use the same salt, an attacker can brute-force calculate hashes for that salt and break into all accounts with just one computational run.
我明白了。但是,password_hash() 将盐嵌入到返回的哈希值中,我认为它是 public,因此攻击者知道每个密码的盐。
换个长私盐不是更好吗?
我能想到的一件事是,使用相同的盐创建的散列对于相同的密码来说是相同的,并且可能允许攻击者通过对数据库中散列的统计分析取得进展。
然而,这可以通过使用私有哈希字典而不是仅使用一个字典来缓解,但是在 PHP 7.password_hash() 中,这不再可能。
我不是安全专家,我相信 PHP 人知道他们在做什么,所以我很高兴听到为什么 password_hash() 方式被认为是正确的方法。
我找到了这个答案:
http://php.net/manual/en/function.password-hash.php#114410
if you thought "why is the salt included in the hash and is it save
when i store it as it is in my db?"
Answer i found: The salt just has to be unique. It not meant to be a
secret.
As mentioned in notes and docu before: let password_hash() take care
of the salt.
With the unique salt you force the attacker to crack the hash. The
hash is unique and cannot be found at rainbow tables.
PHP password_hash() (http://php.net/manual/en/function.password-hash.php) 手册说:
The used algorithm, cost and salt are returned as part of the hash. Therefore, all information that's needed to verify the hash is included in it.
我的问题是:为什么?
我在另一个 SO 答案中读到这个:(Static Salt vs Random Salt - Security PHP)
Random salts have a tremendous benefit. If all accounts in the system use the same salt, an attacker can brute-force calculate hashes for that salt and break into all accounts with just one computational run.
我明白了。但是,password_hash() 将盐嵌入到返回的哈希值中,我认为它是 public,因此攻击者知道每个密码的盐。
换个长私盐不是更好吗?
我能想到的一件事是,使用相同的盐创建的散列对于相同的密码来说是相同的,并且可能允许攻击者通过对数据库中散列的统计分析取得进展。
然而,这可以通过使用私有哈希字典而不是仅使用一个字典来缓解,但是在 PHP 7.password_hash() 中,这不再可能。
我不是安全专家,我相信 PHP 人知道他们在做什么,所以我很高兴听到为什么 password_hash() 方式被认为是正确的方法。
我找到了这个答案:
http://php.net/manual/en/function.password-hash.php#114410
if you thought "why is the salt included in the hash and is it save when i store it as it is in my db?"
Answer i found: The salt just has to be unique. It not meant to be a secret.
As mentioned in notes and docu before: let password_hash() take care of the salt.
With the unique salt you force the attacker to crack the hash. The hash is unique and cannot be found at rainbow tables.