Send password over TCP connection

Paul Rubin http
Thu Oct 13 22:50:57 CEST 2005


"dcrespo" <dcrespo at gmail.com> writes:
> Ok, I understand... What about the MD5? Is it good enough to use when
> saving a hashed password on the database?
> 
> For example:
> user_input = raw_input("Type your password: ")
> password = md5.md5(user_input).hexdigest()
> SavePasswordInDatabase(user,password)

The usual way to do it is something more like:

   import os,binascii
   salt = binascii.b2a_base64(os.urandom(6))[:6]
   user_input = raw_input("Type your password: ")
   password = md5.md5(salt + user_input).hexdigest()
   SavePasswordInDatabase(user,salt,password)

The random salt slows down offline dictionary attacks against the
database.  Say you have 1000 accounts on your system and the attacker
needs just one password to log in and mess with stuff.  With your
scheme, he hashes each word in a large dictionary (say a million
words), sorts on the hash values, sorts your hashed password list on
its hash values, then compares the two sorted lists and if there's
even one match, you're cooked.  Each hash he computes can be compared
against all your accounts in parallel.  The salt means he has to do
them one by one, slowing him down by a factor of 1000.  However,
computers are now fast enough that dictionary attacks against every
single password are a serious threat.

If you have a way of storing a secret key K, then rather than using
unkeyed md5(whatever), use hmac(K, whatever).  But revealing K
effectively turns the hmac into an unkeyed hash.

Can you say what your application is?  That will help figure out how
far you need to go to protect these passwords, and what alternatives
might be possible.  

I highly recommend the book "Security Engineering" by Ross Anderson
for a good cultural introduction to what you're getting into when you
program this stuff.  It's a fun book to read, too.



More information about the Python-list mailing list