Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Re: CGI and saving passwords

by flyingmoose (Priest)
on May 04, 2004 at 14:58 UTC ( #350352=note: print w/replies, xml ) Need Help??

in reply to CGI and saving passwords

All good comments (except for the part about saving passwords in cookies! Bad coder! No donut!), but I'll add in some comments that some folks have not yet made.

Given the choice of a hashing algorithm, please advice new folks to use the strongest available... this means SHA1 over MD5, and MD5 over crypt. Better SHA is also an option ... look at CPAN for modules available. Might as well be paranoid. "YourFavoriteHashingAlgorithm" certaintly doesn't mean you can roll your own, at least not if you have any ethics -- it's far too easy to make a weak function.

You say 'most likely will give a unique ID', but you (in the case of dealing with Credit Cards, especially) might have an obligation to make sure they ARE unique. Good security is based on good math, not chance. One of the failings of random number generators is that they are not unique, so again, it never hurts to be paranoid.

Perhaps obvious, but when possible, use SSL. This not only encrypts the session from basic packet sniffing, but (when using certs), can tip someone off to a man-in-the-middle type attack, where you could be tricked into authenticating to a server that wasn't really the server you were connecting to.

Replies are listed 'Best First'.
Re: Re: CGI and saving passwords
by JoeJaz (Monk) on May 04, 2004 at 17:47 UTC
    I had no idea that SHA1 is better than MD5. I'll have to use that instead. It appears I don't get a donut as well :-) My original implementation was to store password cookies, but after learning about sessions and all of the other options that were much more secure than cookies... I don't know what I was thinking. Good to know about the Credit Cards and the SSL. Luckily I don't need that for this project, but I have always been curious about how to design transaction-secure applications. Thanks for your advice. Joe
      At this point in time, AFAIK, the difference between sha1 and md5 and their respective security is prety well academic (I'll stand corrected, i'm not a math/crypto geek).

      Another point to note is sha1 can be a little slower to compute than md5, however on modern hardware, the difference is probably not material.

      All that said, the effort between your code using sha1 and md5 is actually zero, so you may as well use the stronger algorithm right off the bat.

        You're right, it is fairly academic ... md5 does have some known (but minor) collision problems, though.

        At this point (or level of questioning), one also might want to understand 'plaintext equivalence', just to not get in the rut of 'it's not a password but it's as GOOD as a password'. Sending md5 hashes over plaintext http is a plaintext equivalence problem. Session ID's are best. I know of a certain app that doesn't send passwords, but you can sniff the transmissions, copy the packets, and use them in a "replay attack" -- because what is sent, though not the password, is just as good as a password.

        Also see "challenge-response" type behavior (we're getting into overkill if you aren't dealing with shell accounts at this point) and maybe if you are really excited about this, read "Applied Cryptography" by Bruce S. I really don't claim to understand half of it, but it's a good skim during boring work telecoms -- and math is fun.

        Really, most people don't need to worry about all of these vulnerabilities or potential vulnerabilities, but it is important to know when you do need to know, which unfortunately most people don't know when they need to know :)

        Good to know. Though I have heard of SHA1, I had never "encountered" it before. Thanks for weighing some of the pros and cons of each hash. Joe

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://350352]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (7)
As of 2023-02-02 15:31 GMT
Find Nodes?
    Voting Booth?
    I prefer not to run the latest version of Perl because:

    Results (19 votes). Check out past polls.