Over a period of time, a lot of websites suffered data breaches user password, which includes top Internet companies - Linkedin.com, CSDN.net, the event swept across the entire domestic Internet, and then it came to more than 8 million users play games information was leaked, another rumor everyone, happy network, a distant community, good margin century, Lily network and other communities are likely to become the next target hackers. The endless stream of similar events to the user's online life a huge impact, feel insecure, because people tend habit of using the same password for different sites, so a"violent Library", all suffer.
So we as a Web application developer, the choice of password storage scheme, which is easy to fall into the pitfalls and how to avoid these traps?
Currently the most used password storage scheme is to make one-way hash plaintext passwords stored after, there is a one-way hash algorithm characteristics: can not hashed summary (digest) recover the original data, which is the"one-way" two source word. Commonly used one-way hash algorithms include SHA-256, SHA-1, MD5 and so on.
Go language these three encryption algorithm is as follows:
//import "crypto/sha256"
h := sha256.New()
io.WriteString(h, "His money is twice tainted: 'taint yours and 'taint mine.")
fmt.Printf("% x", h.Sum(nil))
//import "crypto/sha1"
h := sha1.New()
io.WriteString(h, "His money is twice tainted: 'taint yours and 'taint mine.")
fmt.Printf("% x", h.Sum(nil))
//import "crypto/md5"
h := md5.New()
io.WriteString(h, "需要加密的密码")
fmt.Printf("%x", h.Sum(nil))There are two one-way hash features:
- with a one-way hash of the password, the resulting summary is always uniquely determined.
- calculation speed. As technology advances, a second to complete billions of one-way hash calculation.
Combination of the above two characteristics, taking into account the majority of people are using a combination of common password, the attacker can be a combination of all the common password -way hash, get a summary combination, and then a summary of the database for comparison to obtain the corresponding password. This abstract composition is also known as rainbow table.
Therefore, after a one-way encryption of data stored, and stored in plain text is not much difference. Therefore, once the site database leaked, all the user's password itself is revealed to the world.
Through the above description we know that hackers can use the rainbow table to crack hashed passwords, largely because the hash algorithm used to encrypt is public. If a hacker does not know what encryption hash algorithm, that he will not start up.
An immediate solution is to design their own a hash algorithm. However, a good hash algorithm is very difficult to design - both to avoid the collision, but also can not have obvious rule, these two points to be much more difficult than expected. Therefore, more practical applications is the use of many existing hash hash algorithm.
But simply repeated hash, still could not stop hackers. Twice MD5, MD5 three such methods, we can think of, hackers can think naturally. Especially for some of the open source code, so that it is equivalent to the hash algorithm directly to tell a hacker.
No unassailable shield, but there is no off constantly spear. Now security is relatively good site, will use a technique called" salt" way to store passwords, it is often said that"salt". Their usual practice is to first conduct a user-entered password MD5 (or other hash algorithm) encryption ; MD5 values will be only an administrator before they know plus some random string, and then conduct a MD5 encryption. The random string can be included in certain fixed string, and can include the user name (used to ensure that each user is not the same encryption key used).
//import "crypto/md5"
// Assume the username abc, password 123456
h := md5.New()
io.WriteString(h, "password need to be encrypted")
pwmd5 :=fmt.Sprintf("%x", h.Sum(nil))
// Specify two salt: salt1 = @#$% salt2 = ^&*()
salt1 := "@#$%"
salt2 := "^&*()"
// salt1 + username + salt2 + MD5 splicing
io.WriteString(h, salt1)
io.WriteString(h, "abc")
io.WriteString(h, salt2)
io.WriteString(h, pwmd5)
last :=fmt.Sprintf("%x", h.Sum(nil))In two salt did not reveal circumstances, if the hacker is the last to get the encrypted string, it is almost impossible to figure out what the original password.
Advanced solutions above a few years ago may be safe enough solution because the attacker does not have enough resources to build so many rainbow table. However, so far, because the parallel computing capabilities of the upgrade, this attack has been completely feasible.
How to solve this problem? As long as time and resources permit, without a password can not be deciphered, so the solution is: Calculate the required password deliberately increase the resources and time consuming, so nobody sufficient resources available to establish the required rainbow table.
Such programs have a feature, the algorithm has a factor used to calculate the digest of the password needed to indicate the resources and time, which is computationally intensive. The greater the intensity calculation, an attacker establishes rainbow table more difficult, so that can not continue.
It is recommended scrypt program, scrypt by the famous hacker Colin Percival of the FreeBSD backup service Tarsnap for his development.
Go language which is currently supported by the library http://code.google.com/p/go/source/browse?repo=crypto#hg%2Fscrypt
dk: = scrypt.Key([]byte("some password"), []byte(salt), 16384, 8, 1, 32)Through the above method can obtain only the corresponding password value, which is by far the most difficult to crack.
See here, if you had a sense of crisis, then action:
-
If you are a regular user, then we recommend LastPass for password storage and generation, on different sites use different passwords.
-
If you are a developer, then we strongly suggest you use expert program for password storage.
- Directory
- Previous section: SQL injection
- Next section: Encrypt and decrypt data