On Jul 31, 2009, at 7:55 AM, Julio wrote: > .. And even if you use the same salt for each password It'd still be a > time-consuming job since for each "clear" password in a rainbow table > you'd have to "recompute" the new hash based on the salt and scan the > rainbow table entirely for each record, now I totally agree that > adding a salt for each password (obviously it has to be predictable so > we can generate the hash again at log in time) will strengthen the > passwords greatly. > > My suggestion is simply implement the new salting algorithm, move the > unsalted hashed password to a lookup table (which will be deleted > eventually), and "expire" the passwords for all your users, and on the > next logon, they will have to type the old one, then create a new one > and this time it'll be hashed with the proper salt, this way, even > though "compatibility" will break, we'll still have a means to > "correct" this. > > The way I do it in pyforum for instance, is this: > > passwd = "Hello World" > hashed_pwd_tmp = hashlib.md5(passwd).hexdigest() > hashed_passwd = hashlib.md5("%s%s" % (tmp_hashed_pwd, > passwd)).hexdigest() > > So basically I prepend (or append, I don't have the code at this time) > the hashed password to the clear password and re-hash the whole string > again, breakable? of course, but exponentially harder.
The problem with this approach (what I've been calling a deterministic password transform) is that it's no harder to precompute a new rainbow table, knowing the algorithm, which is public, than it was to compute the first rainbow table. Well, a little harder, since there are two md5's per entry instead of one, but that's all. Consider instead: passwd = "Hello World" salt = random.randint(1, 1000000).str hashed_pwd = hashlib.md5(passwd+salt).hexdigest()+salt This expands the size of the required rainbow table by a factor of 1,000,000. The confusion here might be that we're assuming different attacks. Perhaps: * you're assuming that the attack is to use an existing md5 rainbow table * I'm assuming that the attack is to create a new rainbow table for web2py passwords --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---