I was wondering if there is a python cognate to PHP's crypt() function that performs in a similar way, generating a random salt and embedding it within the saved string.
I have a table of hashed passwords that were created using the $5$ string key to setup a SHA256 based salted cryptogram. These hashes had some additional recorded entropy attached to both ends at a fixed interval, but splitting these characters off the string and getting the core hash is trivial and not a problem at all.
I've looked at the python documentation and can't find any methods in hashlib that seem to utilize the same syntax from php's crypt(). Is the approach utilized in PHP (the input format split with dollar signs between salt, algo and rounds) unique to the language?
Thanks.
EDIT:
It looks as though the revised version of python's own native crypt function is going to utilize procedures similar to that of PHP. From the 3.3 pre-release documentation:
http://docs.python.org/dev/library/crypt.html
EDIT:
Finally found Passlib, a library that provides this functionality in pure python.
http://packages.python.org/passlib/index.html
I realize that this question is old, however I found it while I was trying to implement a login algorithm in Python that was originally written in PHP. The crypt function in PHP uses any of a handful of somewhat insecure DES algorithms, including bcrypt. It depends on what you hash your string with. Passlib is pretty much your best bet for replicating the functionality your application is currently getting from PHP crypt. Take one of your hashed passwords, and look at the front of the string. You should see something like $2a$, $3$, $6$ (or similar). Note that if this string does not exist, you are more than likely using standard DES hashing.
Take that info to this link:
http://pythonhosted.org/passlib/modular_crypt_format.html#mcf-identifiers
Then, match it up to the algorithm you need to implement in Python. The Scheme identifiers are links to the passlib documentation regarding that hashing algorithm. At this point, you should have all the info you need to complete your reimplementation.
It certainly looks very similar to FreeBSD's crypt (see "modular crypt" in the manpage). I don't really recall if it's the same way in Linux or other but this seems to indicate it's not unique.
There's no direct equivalent in Python as far as I know, but it shouldn't be too hard to roll your own since the encryption algorithms themselves should be supported in hashlib.
Related
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Best way to use PHP to encrypt and decrypt?
For my project I want to store password in encrypted format,
so i have stored it using md5('password'), but my project requirement is that we should be able to decrypt the password, and as you all know we can not decrypt md5 encrypted string.
so i have choose it to encode using base64_decode('password') and decode it using base64_decode('encodedpassword').
but i want to know that is it a best practice to use base64_encode ? or is there any other encryption decryption technique with PHP?
First off, md5('password') is not encryption. You cannot recover the original password after you hash the data. NB for technical readers: a brute force attack will not recover the password either, since there are a finite number of hashes and an infinite number of different strings.
Now, base64_encode('password') is also not encryption, except possibly in the very loosest sense of the word. Anyone can look at the Base64 text and recover the original password.
Encryption as it is generally known consists of a plaintext and a private key of some sort. An example of an encryption algorithm would be AES-256 ("Rijndael" is the name of the algorithm which won the AES contest and thus the title). AES-256 uses a 256-bit key and is generally considered very secure when properly implemented.
Cryptography is not a topic which should be approached lightly. It is extremely difficult to get right and the consequences when you do not are, although this seems contradictory, both subtle and severe.
You should very carefully evaluate whether you need to be able to recover the password. In 99.9999999% of all cases, the answer is "no". In fact, I cannot think of a case where the plain-text of the password would matter to you.
After you are done evaluating whether you need to be able to recover the password, decide that you do not need to be able to recover the password.
After that step, if you still believe you need to be able to recover the password, look at already-written crypto libraries for PHP. OpenSSL is a well-tested generally-accepted crypto framework which implements pretty much every popular encryption standard, but it may be a little on the difficult-to-use side. mcrypt is very commonly installed and generally easier to use.
I usually just go w/ sha-1 + a salt.., take a look at the crypt function.
For PHP version 5.3+
You would use Bcrypt, which is the strongest hash I have ever known.
But the problem is that it is slower than other encryptions.
I recommend AES256 which is faster than bcrypt and safe as well
I am working on a script and need to save passwords. For development purposes, I have been using the crypt() function because it was easy and available. Now that I am mostly done, I want to replace it with something a little better and more consistent.
Some of the concerns I have are:
not all algorithms are supported on every system
sometimes the salt is pre-pended to the result (seems like a security problem)
I want something that works with PHP 4.3+.
Is there anything available, or should I stick with crypt()? I thought about using md5(md5($password).$salt). Thanks for the insight.
There is nothing wrong with crypt
If your server does not support it, use another server.
You should NEVER use MD5 for hashing passwords (or even SHA1 for that matter)
Use either bcrypt (the blowfish method of crypt) or pbkdf2
There is an implementation of pbkdf2 here:
Encrypting Passwords with PHP for Storage Using the RSA PBKDF2 Standard
More information on why and how here:
Which password hashing method should I use?
Do any security experts recommend bcrypt for password storage?
First of all: Prepending the salt is not a security problem. Having a per-password salt is a big goodie, and it's perfectly OK to it being store alongside the pw.
Now: As long as you don't transport password hashes from one system to another, and the latter not supporting the default algorithm of the first, nothing bad will happen by definition. Since PHP 5.3 there are built-in algorithms in PHP such as Blowfish, that are guaranteed to be available.
I decided to drop md5() as the password-encrypting algorithm when storing user passwords in DB, in favor of phpass library.
On the systems using md5, it was no problem to have a Production/Development dyad, as the resulting hash was the same. So, in case I created a test user in either one of them, the same password worked in the other environment.
From what I gather, this is not the same for other types of hashing algorithms, as phpass (or its internal php functions) creates platform-dependent hashes (I'm a hashing/encryption novice).
My question is, how should one approach this situation? Different database in prod/dev? But what if "upstairs" decided that we should move our web application (along with its DB) to another server - wouldn't the hashed passwords be now invalid - as phpass would create different hashes for the same (old) passwords?
Later edit:
Well, I didn't bother to check a dev hash to a production one. Even though they're different, their comparison results in "true", as in "they're quivalent". I thought, if hashes are different, they don't match (like md5).
A very simple solution to your problem: Always use the latest stable version of PHP. As of 5.3 PHP provides native implementations of crypt algorithms and thus isn't platform dependent anymore. Your hashes should thus be compatible.
Is there a particular reason why you decided to use the phpass library? You didn't elaborate on that point, but if you were simply looking for a more secure algorithm than MD5, take a look at hash() coupled with an algorithm like sha512.
Tiger algorithms in PHP
The Tiger192,4 algorithm is often recommended for hashing, however I've just discovered you can get different hash values on different machines.
Impossible! (you say)
Well it turns out PHP <5.4 implements Tiger with LSB first, while PHP 5.4+ implements Tiger with MSB first. Which is correct? I can't say (LSB matches testtiger while MSB matches the wikipedia examples) but the point is... don't use Tiger if hashes need to be portable or survive a PHP upgrade (a PHP 5.3->5.4 will break a Tiger hashed password table, which has significant maintainability implications).
To test...
echo hash("tiger192,3","The quick brown fox jumps over the lazy cog")."\n".
hash("tiger192,3","");
MSB: (PHP 5.4.5)
a8f04b0f7201a0d728101c9d26525b31764a3493fcd8458f
3293ac630c13f0245f92bbb1766e16167a4e58492dde73f3
LSB: (PHP 5.3.2)
d7a001720f4bf0a8315b52269d1c10288f45d8fc93344a76
24f0130c63ac933216166e76b1bb925ff373de2d49584e7a
(My solution? Use a different algorithm, and embed a known hash test in the unit test code)
I am migrating my PHP code to Google App Engine - Java.
Since I couldn't find an equivalent function of crypt in Java,
I can do without it if I find an equivalent function in actionscript.
Edit 1: Here is my php code for encrypting passwords :
$password = "test123";
$pwd = crypt($password,$password);
echo $pwd;
Output is (On Windows as well as a linux based server on HostMonser):
temjCCsjBECmU
as3crypto might be of help. It provides DES, and together with Base64, you should be able to recreate PHP's crypt function. OTOH, unless you really need the exact same behaviour, you might just as well take anything else the library offers.
greetz
back2dos
Don't think you'll find an exact analog. crypt() as exists in PHP is an artifact of its Unix heritage, and is usually just a wrapper around the base C library. It won't even behave identically between operating systems.
What you should do is define your password hashing practice clearly (e.g. SHA256 with 8 bytes of salt or something), and run it through a library providing the appropriate algorithm.
Google for com.adobe.crypto (pretty sure it's part of the as3corelib project), it has several cryptographic hash functions.
You can accomplish this same thing in Java as well (and probably better and faster), though I don't know any particular libraries off the top of my head, not having dealt much with Java.
Incidentally, you should probably read through these articles before going much further:
http://en.wikipedia.org/wiki/Cryptographic_hash_function
http://en.wikipedia.org/wiki/Crypt_(Unix)
http://en.wikipedia.org/wiki/Salt_(cryptography)
I mean, crypt()'s return is always different.
So how do websites like 4chan do to give a permanent tripcode to a password?
Are they stored in a database?
4chan's tripcodes are created using a specific formula, and are a shorter version of a hash. You can achieve the same effect by using MD5 or SHA1.
Encrypt string to MD5 (PHP):
$md5 = md5("$string");
Encrypt string to SHA1 (PHP):
$sha1 = sha1("$string");
There is no way to reverse the hashing process (just like tripcodes), but with time and power they can be "bruteforced" back to plain text.
It's quite common to salt a password, then hash it using DES, MD5, SHA, or newer hashes. The salt is then stored as part of the password.
PHP's crypt works this way, although the exact algorithm it uses to hash the password may be different between versions of PHP... and even between operating systems, although the latter supposedly changed in PHP 5.3. (PHP now includes its own hashing library instead of relying on the OS library, which is really, really important if you're using Windows, as crypt function on Windows only supported DES with 2-byte salt prior to this)
Edit:
Note: crypt has an optional second argument. Passing the encrypted password as the second argument will usually get PHP to detect the salt and algorithm used to originally hash the password, namely because everything other than DES start with $#$ where # is a number.
You pass the salt to crypt() as the second argument. This causes the output to use that salt instead of generating one on the fly.
The salt being randomly generated is why crypt("something") returns different results each time. If I run crypt("something", "ab"), it'll be identical every time. I don't have PHP here to check what the value is, though.
Wikipedia has an article about Tripcodes.
I think there's a table "tripcodes" where tripcodes were generated with the Wikipedia's and they are associated with strings they come from, no?
Yes password are stored in a database but without the use of crypt(). They use sha1() or encryption database function like AES_ENCRYPT() in mysql.