Secure PHP

So, I took time out from decorating to trawl the Internet, as is my wont. I came across a nice site with Apache Mod_Rewrite cheat sheets which is nerdy, but useful. The same site also has a nice article about Writing Secure PHP which is pretty good – although I have some comments…

So I’m a nerd for security, and I do like overkill, but there are some simple things that could be done to improve the security described in the ‘Weak Passwords’ section on page 2.

First off, don’t use MD5. It’s broken , or at least it would be better (and very little effort) to use SHA-1.

Second, if you’re storing the hash (MD5, SHA-1, SHA-256, whatever) of a user’s password, well, don’t just hash the password, but hash the username too. PHP’s Crypt() function is for this kind of thing, with a ‘salt’. E.g.
Function EncryptPassword( $username, $password ) {
$salt = substr($username,0,2);
return crypt($password, $salt);
}

What would this mean? Well, an attacker trying the dictionary attack described would need not 1, but 3844 dictionaries, assuming usernames are alphanumeric and case sensitive.

Hell, why not use the username too as what you’re hashing? I’ve not seen this done anywhere – and I’m not sure of it’s security (I say that in the most paranoid sense) – but principle is the same. By appending the username to the password being hashed, well, you’d need a seperate dictionary for each username. You could even throw in a constant string – it doesn’t add much security, but it means your code would have to be compromised in order to allow precomputation of a dictionary for a user.
Function MakeHash( $username, $password ){
return sha1( $username . "some arbitrary string" . $password);
}

A final thought – don’t underestimate passphrases rather than passwords. They’re easier for people to remember than passwords. Consider ‘r5GG8%’ and ‘elephants lollop gracefully’. Which would you remember? Robert Hessig of Microsoft PSS has a good article. And all of the above techniques would work with a passphrase instead of password – after all, they’re all just text…

Comments from my old blog:

 

DES was broken many years ago, so that’s a very poor alternative to MD5.

By Chris at 16:18:01 Saturday 30th July 2005

 

Puzzled by the DES comment – DES isn’t a good algorithm for encryption, certainly – it’s bust, and we have AES now. Also, DES is a block encryption cipher, whereas MD5 is a hashing algorithm. Different things.

By Andy at 21:50:29 Saturday 19th November 2005

 

I believe the DES comment is because your EncryptPassword function passes crypt a two character salt, which makes crypt use the ‘standard DES-based encryption’.

By Deebster at 16:41:44 Wednesday 29th March 2006

 

Ah, well I’ll be damned. I hadn’t realised that Crypt could use DES. Come to that, I’m not sure why I’m using a Crypt function for what should be hashing. Brain fade, I guess. I suppose that replacing DES with Blowfish would give a function that encrypted the password in a recoverable way, although I’m not a fan of that.

By Andy at 12:28:55 Saturday 6th May 2006

Advertisements
Secure PHP

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s