现在的位置: 首页 > 编程·网络 > java编程 > 正文
Hashing Java
2014年10月07日 java编程 ⁄ 共 3890字 Hashing Java已关闭评论 ⁄ 被围观 2,017 views+

Introduction

Most of today’s applications use login/password in order to authenticate. Users often use the same login/password for different kinds of applications. If the couple is stolen, everybody can access all the applications the user has access to.

Too often passwords are stored as clear text. Thus the password can be read directly by the database’s administrator, super users or SQL Injection attack etc. The backup media is also vulnerable. In order to solve this problem, passwords must be stored encrypted. Two kinds of encryption are available:

  • One way functions (SHA-256 SHA-1 MD5, ..;) also known as Hashing functions
  • Reversible encryption functions (DES, AES, …).

However, the reversible property of encryption function is useless for credentials storing (cf. OWASP Guide v2.0.1) :

Passwords are secrets. There is no reason to decrypt them under any circumstances. Helpdesk staff should be able to set new passwords (with an audit trail, obviously), not read back old passwords. Therefore, there is no reason to store passwords in a reversible form.

Definition of cryptographic Hashing function:

A Hash function creates a fixed length small fingerprint (or message digest) from an unlimited input string.

hash(X) ->Y X is a infinite set and Y is a finite set.

A good cryptographic Hash function must have these properties:

  • Preimage resistant : From the function output y it must impossible to compute the input x such that hash(x)=y.
  • Second preimage resistant : from an input x1 it must impossible to compute another input x2 (different of x1) such that hash(x1)=hash(x2).
  • Collision resistant : It must be difficult to find two inputs x1 and x2 (x1<>x2) such that hash(x1)=hash(x2).

Sample java code :

 

Credential storage.

If the password’s digest is stored in a database, an attacker should be unable to recover the password thanks to the preimage resistance. The only way to go past this would be a brute force attack, i.e. computing the hash of all possible passwords or a dictionary attack, i.e. computing all the often used password.

Why add salt ?

If each password is simply hashed, identical passwords will have the same hash. There are two drawbacks to choosing to only storing the password’s hash:

In order to solve these problems, a salt can be concatenated to the password before the digest operation.

A salt is a random number of a fixed length. This salt must be different for each stored entry. It must be stored as clear text next to the hashed password.

In this configuration, an attacker must handle a brute force attack on each individual password. The database is now birthday attack/rainbow crack resistant.

A 64 bits salt is recommended in RSA PKCS5 standard.

Sample java code :

Hardening against the attacker's attack

To slow down the computation it is recommended to iterate the hash operation n times. While hashing the password n times does slow down hashing for both attackers and typical users, typical users don't really notice it being that hashing is such a small percentage of their total time interacting with the system. On the other hand, an attacker trying to crack passwords spends nearly 100% of their time hashing so hashing n times gives the appearance of slowing the attacker down by a factor of n while not noticeably affecting the typical user. A minimum of 1000 operations is recommended in RSA PKCS5 standard.

The stored password looks like this : Hash(hash(hash(hash(……….hash(password||salt)))))))))))))))

To authenticate a user, the operation same as above must be performed, followed by a comparison of the two hashes.

The hash function you need to use depends of your security policy. SHA-256 or SHA-512 is recommended for long term storage.

Sample java code :

Complete Java Sample

In order to create the table needed by this application, call the method creerTable(). It creates a TABLE called CREDENTIAL, with these fields :

  • LOGIN VARCHAR (100) PRIMARY KEY
  • PASSWORD VARCHAR (32)
  • SALT VARCHAR (32)

In this database, the password and the salt are stored in Base64 representation.

The method authenticate is used in order to authenticate a user, the method createUser is used to create a new user.

 



本文链接:Hashing Java

转载声明:本站文章若无特别说明,皆为原创,转载请注明来源:海鹏的博客,谢谢!^^


抱歉!评论已关闭.

无觅相关文章插件,快速提升流量