I've been using PHPass to hash my passwords for a long time. I admit that there's still things I don't fully understand (or ignore) to hash a password properly so today I was reviewing all the info I could find about it.
Reviewing PHPass documents, I've steped into this:
Besides the actual hashing, phpass transparently generates random salts when a new password or passphrase is hashed, and it encodes the hash type, the salt, and the password stretching iteration count into the "hash encoding string" that it returns. When phpass authenticates a password or passphrase against a stored hash, it similarly transparently extracts and uses the hash type identifier, the salt, and the iteration count out of the "hash encoding string". Thus, you do not need to bother with salting and stretching on your own - phpass takes care of these for you.
I've bolded the sentence that bothered me.
I always though that the salt should be somewhat secret, in the sense that it should not be known to the attacker. So if a understood correctly, PHPass stores the salt used in the same hash so it is able to use it when comparing passwords and check if valid.
My questions are
What is Salting? Salting is a concept that typically pertains to password hashing. Essentially, it's a unique value that can be added to the end of the password to create a different hash value. This adds a layer of security to the hashing process, specifically against brute force attacks.
Salting hashes sounds like one of the steps of a hash browns recipe, but in cryptography, the expression refers to adding random data to the input of a hash function to guarantee a unique output, the hash, even when the inputs are the same.
PHP provides a native password hashing API that safely handles both hashing and verifying passwords in a secure manner. Another option is the crypt() function, which supports several hashing algorithms.
Hashing and encryption both provide ways to keep sensitive data safe. However, in almost all circumstances, passwords should be hashed, NOT encrypted. Hashing is a one-way function (i.e., it is impossible to "decrypt" a hash and obtain the original plaintext value). Hashing is appropriate for password validation.
A little background
A salt is not meant to be secret, instead, a salt 'works' by by making sure the hash result unique to each used instance. This is done by picking a different random salt value for each computed hash.
The intention of the salt is not compromised when it is known; the attacker still needs to attack each hash separately. Therefore, you can simply store the salt alongside the password.
So, is PHPass secure?
YES! PHPass (according to the best practices) generates a strong random salt for you. It is a well reviewed and good quality library.
Links of interest:
How to securely hash passwords?
How to store salt?
Password Hashing add salt + pepper or is salt enough?
Salt Generation and open source software
The purpose of a salt is not to be a secret. The purpose is to add a unique component to each hash input, so identical passwords will not hash to identical hashes, thereby making the brute-force process more difficult and time consuming since each hash has to be tried individually.
Yes, it would be marginally more secure if the salt was secret, but that's hard to realize in practice, since your application needs the salt as well, so it needs to be stored somewhere where the password is accessible as well. Therefore, in practice, when the attacker gets the password hash, he's typically also able to get the salt anyway.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With