本文介绍了良好的加密散列函数的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在创建一个网站,我需要一个安全的算法来存储密码。
我首先想到了bcrypt,但后来我发现我的主机不支持它,我无法更改主机。



我的主机允许这个加密:


  • 标准DES



  • 这些散列:


    • MD5

    • md2,md4& md5

    • sha1,sha256,sha384& sha512
    • ripemd128,ripemd160,ripemd256和ripemd360
      whirlpool
      tiger128,3,tiger160,3, tiger192,3,tiger128,4,tiger160,4& tiger192,4
    • snefru

    • gost

    • adler32

    • crc32& crc32b
      haval128,3,haval160,3,haval192,3,haval224,3,haval256,3,haval128,4,haval160,4,haval192,4,haval224,3,haval256, 4,haval128,5,haval160,5,haval192,5,haval224,5& haval256,5



    所以,你们中的任何一个人都可以用这个和一个盐来修复一个好的算法吗? $ b

    解决方案

    您根本不应该存储加密的密码(或甚至未加密的密码)。相反,使用(拉伸,例如),最好是SHA2-512。

    作为参考,这里列出了哈希的分类(请参见维基百科详细信息):
    $ b

    加密(不是散列函数):DES

    非加密校验和(可笑):adler32,crc32,crc32b

    损坏:MD2,MD4,MD5,SHA1

    :SHA2-256 / 384/512,RIPEMD-128/256,RIPEMD-160 / 320,WHIRLPOOL


    请注意,强度是指找到任何密码的攻击这是一个已知的散列(preimage攻击)。此外,上述排序是偏执狂,立即丢弃任何已知漏洞的散列。


    I am making a website, and I need a secure algorithm to store passwords.I was first thinking of bcrypt, but then I found out my host did not support it and I am not able to change host.

    My host allow this encryption:

    • Standard DES

    And these hashes:

    • MD5
    • md2, md4 & md5
    • sha1, sha256, sha384 & sha512
    • ripemd128, ripemd160, ripemd256 and ripemd360
    • whirlpool
    • tiger128,3, tiger160,3, tiger192,3, tiger128,4, tiger160,4 & tiger192,4
    • snefru
    • gost
    • adler32
    • crc32 & crc32b
    • haval128,3, haval160,3, haval192,3, haval224,3, haval256,3, haval128,4, haval160,4, haval192,4, haval224,3, haval256,4, haval128,5, haval160,5, haval192,5, haval224,5 & haval256,5

    So, can anyone of you fix a good algorithm with that and a salt, please?

    解决方案

    You shouldn't store encrypted (or even unencryped) passwords at all. Instead, use salted hashes (stretched, e.g. with PBKDF2), preferably SHA2-512.

    For reference, here is a classification of the listed hashes (See wikipedia for details):

    Encryption (not a hash function): DES
    Non-cryptographic checksums (laughable): adler32, crc32, crc32b
    Broken: MD2, MD4, MD5,SHA1
    Probably broken: Tiger, snefru, GOST, HAVAL*
    Probably safe: SHA2-256/384/512, RIPEMD-128/256, RIPEMD-160/320, WHIRLPOOL

    Note that the strength refers to the attack of finding any password that matches a known hash (preimage attack). Also, the above sorting is paranoid, instantly discarding any hash with any known vulnerabilities.

    这篇关于良好的加密散列函数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-31 16:48