|
no that was the old way, now its just stored as "password" so their is no need to decrypt it (saves the NSA 5000 man hours a month )
You cant outrun the world, but there is no harm in getting a head start
Real stupidity beats artificial intelligence every time.
|
|
|
|
|
I had a profile on a site that continually (daily) sent me "we want you back" emails. I ignored them, but last week I noticed that they included my username and password -- in case I had forgotten. 
|
|
|
|
|
|
"Page 1 of 289"
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
you're on the front page? well done
You cant outrun the world, but there is no harm in getting a head start
Real stupidity beats artificial intelligence every time.
|
|
|
|
|
Wrong.
The hacker would need to know what hash is being employed to perform an attack and would, most probably have had their own user set up as a known value to check their attack. So maybe they'd see past the subterfuge.
Or maybe someone else is wrong.
veni bibi saltavi
|
|
|
|
|
Also easier to prevent by including some salt, as already discussed quite some times. Companies ain't gonna spend money if it is not required, and people cannot enter the database, so why not store it as plain text?
Bastard Programmer from Hell 
If you can't read my code, try converting it here[^]
|
|
|
|
|
The password is (shuold be) never sent in any form to the server, normally the authentication is a challenge based one.
In phase of registration there is a secure connection where you actually send your password to the server.
Then the login is done by challenge: the server creates a chunk of random data Ri, sends them to the client and at the same time encrypts them using the hash of the password it has stored, creating the encrypted challenge Ci.
The client receives Ri and encrypts using the hash of the provided password, then sends the encrypted chunk Cj to the server.
The server then compares Ci and Cj - if they're equal then the loign is successful.
The main reason because the password should never be sent in any form is to protect from Man In The Middle attacks: if an attacker can sniff your login packet then it may send it again on later times, sending the encrypted password directly to the server with a custom made login packet.
Geek code v 3.12
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- r++>+++ y+++*
Weapons extension: ma- k++ F+2 X
// No comment
|
|
|
|
|
I am mathematican.And my english isn't good. So sorry if I fail to make oneself understood.
I have studied cryptology for a little while. I can say that: Hash code's inverse functions's solutions calculates forever.
|
|
|
|
|
|
Yes but a brute force dictionary attack confronting to a DB of hashed passwords does not. It is a common bruteforce:
hash("aaaa") = $1. Does $1 exist in the DB?
hash("aaab") = $2. Does $2 exist in the DB?
....
long, as brute force attacks are, but it works. Unless there is some salt in the hashed password.
Geek code v 3.12
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- r++>+++ y+++*
Weapons extension: ma- k++ F+2 X
// No comment
|
|
|
|
|
xiecsuk wrote: Am I missing something here?
Quite a lot, because it's pretty complicated. Firstly, you are assuming they've hashed the password, some (even large companies) don't they use a symmetric algorithm. If a company can send your password to you, say via e-mail, they are using a symmetric algorithm (at best).This is insecure.
The idea is the hashing is one way, so the hash cannot be reversed, so password123 ---> 7FDEADBEEF or whatever. It the password table is stolen there are two immediate vulnerabilities. First off, if the system allows a bad password such as "password" this is going to be the most common value stored in the password field across the table, and you can work backwards through the most probable ones. The second vulnerability is something called a rainbow table, this reduces the amount of time it takes to reverse engineer a password that is going to lead to a particular hash. Worse, these tables are readily available, so you don't need the compuation time to get started.
You can salt the password (adding a random bit of text which you store) in various ways, e.g. add then hash or has the password, salt then hash the result. This mitigates against the vunerabilities described above, but given enough time brute force strategies will always win - even if enough time means from now until after the end of the universe.
|
|
|
|
|
See my reply here : http://www.codeproject.com/Messages/5021585/Re-Am-I-right-or-am-I-right.aspx
|
|
|
|
|
Correct. To horse with passwords, you need a battery of scripts, to handle the myriad staple functions that protect them.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Do we get extra points when understanding the reference here ? Or minus points for those who don't ?
|
|
|
|
|
Minus points for those that don't read XKCD regularly. 
|
|
|
|
|
Both, and leave the zero free for those who know but don't respond.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
...and this proves the "easily remembered" part of that password scheme.
- I would love to change the world, but they won’t give me the source code.
|
|
|
|
|
xiecsuk wrote: I type in pass123 as my password, but unbeknown to me, the system translates that to 321ssap, hashes it and stores it
This is very close.
Actually, what you are thinking of is a salted hash.
In other words, the user types in the password, the receiving application receives the password over some secure method (like HTTPS) then it
1. takes the original password
2. adds a secret salt value
3. hashes the entire thing (pass + salt)
Since a hash is one-way, no one can really decrypt them -- that we know of.
Same Is Same
But look, every time you hash "ABCD" with the same algorithm, you get the same hash.
That means a nefarious character can create tables of hashes (rainbow tables) of common words.
Then, just compare the hash they have to the hashes stored in the datbase.
Proper Salt Probably Prevents
However, if the original value were properly salted, this would protect against that problem, unless the nefarious character should learn what the salt is. which is usually not the problem.
Usually the problem is that the passwords are stored in the database in clear text or simply not salted.
|
|
|
|
|
What he suggests is that the password is transformed again before being hashed, using an algorithm proper to the website. I still fail to see why this is not clever (and it is probably not, otherwise they would all do it. Or maybe they all do it already and nobody knows ?).
|
|
|
|
|
It is as clever as prefixing the password with a constant.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Because it wouldn't prevent the commonest way to bypass hashes: look for identical values.
Even if you reverse every password before you hash it, every user that uses "password" gets the same hash value.
Salting uses different values for each user - the username or row id value for example - and so every user gets a different hash value even if they share a password.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
"Clever" is never secure, because the security vanish the moment someone figure it out. And if attacker could get their hands on the DB then they also could get the application (possibly even source code).
So as other said slow(!) salted hashes are secure because it doesn't matter that you know how to create the hash. The way back is expensive. If the "secret way" would be enough then everyone will just XOR the password with something "secret", right?
--
"My software never has bugs. It just develops random features."
|
|
|
|
|
Rage wrote: I still fail to see why this is not clever
Depending on the function, it could be just as susceptible to rainbow attacks as not applying the function. Also, given the function, it might still be statistically breakable (e.g. "password" most common) which is even quicker if applicable.
The reverse example he gives has both these flaws, especially given the apparent lack of salt. As Eddie Vluggen says, about as clever as prefixing with a constant- it'll increase the time taken to break, but not by much.
[Edit]
My understanding was the OP was trying to get at how a hashes work generally, rather than a specific implementation 
|
|
|
|
|
Quote: the hacker then decodes by brute force and ignorance to arrive at the actual password
No.
What you propose is little different from another common technique that doesn't really improve security -- that of hashing multiple times.
Attackers don't care what the original password was or how the stored value was calculated, they only care about what they can pass in to gain access.
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
