Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[NFR] Phalcon\Security to support $2y$ bcrypt hashes #1971

Closed
viktoras25 opened this issue Feb 3, 2014 · 10 comments
Closed

[NFR] Phalcon\Security to support $2y$ bcrypt hashes #1971

viktoras25 opened this issue Feb 3, 2014 · 10 comments

Comments

@viktoras25
Copy link
Contributor

Currently only $2a$ bcrypt hash is available. An option to choose $2y$ would be very nice, so that it is compatible with PHP 5.5+ function password_hash();
@ghost
Copy link

ghost commented Feb 10, 2014

$2a$ and $2y$ generate the same hashes as far as I can tell

@ghost
Copy link

ghost commented Feb 10, 2014

@phalcon Basing on http://www.php.net/security/crypt_blowfish.php maybe we should drop official support for PHP up to 5.3.7 exclusively? PHP up to 5.3.10 have a lot of security vulnerabilities and I doubt that they are used in production.

@viktoras25
Copy link
Contributor Author

I'm not an expert, but as far as I understand according to this:
http://blog.ircmaxell.com/2012/12/seven-ways-to-screw-up-bcrypt.html
$2y$ is preferable. And it is obvious that $2a$ is much, much faster to hash (according to my tests password_hash/verify, that uses $2y$ is 500-1200 times slower), which also means faster to bruteforce.

@ghost
Copy link

ghost commented Feb 10, 2014

And it is obvious that $2a$ is much, much faster to hash

Interesting because the code is absolutely the same :-)

My tests:

$ time php -r 'for ($i=0; $i<1000000; ++$i) crypt("test", "$2a$0123456789012345678912");'

real    0m5.469s
user    0m5.450s
sys     0m0.024s

$ time php -r 'for ($i=0; $i<1000000; ++$i) crypt("test", "$2x$0123456789012345678912");'

real    0m5.452s
user    0m5.450s
sys     0m0.008s

$ time php -r 'for ($i=0; $i<1000000; ++$i) crypt("test", "$2y$0123456789012345678912");'

real    0m5.511s
user    0m5.475s
sys     0m0.016s

http://lxr.php.net/xref/PHP_5_5/ext/standard/crypt_blowfish.c#548

The bug affected the possibility of collisions, not the number of iterations so it is expected that the has generation time will be nearly the same.

@ghost
Copy link

ghost commented Feb 10, 2014

If you mean that password_hash() is slower than crypt(), then yes, if you don't provide a salt to password_hash() it will generate one from /dev/urandom (link)

Other than that, both functions use php_crypt() API internally.

@viktoras25
Copy link
Contributor Author

I have no other explanation other than there was an error in my tests.

There is still difference about 4 times between Phalcon\Security and password_hash generated hashes, but I presume this is due to different ways of salt generating.

@ghost
Copy link

ghost commented Feb 10, 2014

You closed this too early :-) I was adding support for additional hash types :-)

@viktoras25 viktoras25 reopened this Feb 10, 2014
@viktoras25
Copy link
Contributor Author

Oh, sorry :)

@ghost ghost mentioned this issue Feb 11, 2014
Merged
@ghost
Copy link

ghost commented Feb 11, 2014

Fix submitted.

See https://github.com/sjinks/cphalcon/blob/issue-1971/ext/tests/issue-1971.phpt for usage example

@viktoras25
Copy link
Contributor Author

Impressive!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@viktoras25 @niden