BT
x Your opinion matters! Please fill in the InfoQ Survey about your reading habits!

Fast Hashes Kill Cryptographic Security

by Roopesh Shenoy on Jul 30, 2012 |

Fash Hashing algorithms such as MD5, SHA or SHA1 are not meant for security – to protect critical information, especially passwords, hashing algorithms must be intentionally slowed down to counter brute-force attacks. Troy Hunt, a Microsoft MVP, demonstrates how  the password hashes provided by SqlMembershipProvider are vulnerable to brute-force attacks.

SqlMembershipProvider is the default membership provider that comes with the ASP.NET web application template in VS 2010. In his article Our password hashing has no clothes, Troy demonstrates how the salted SHA1 hash based password security used in the SqlMembershipProvider can be cracked by using a GPU, a dictionary called hashkiller and a brute force algorithm. In a sample size of 40,000, real life passwords (taken from an earlier breach), the algorithm cracked 24,710, or 67% of the passwords, in 45 minutes. And these include passwords that would pass as being strong -

How about “volleyball6” – 11 chars of two different types. Further up the list was “zaq1@WSX” – 8 chars of upper, lower numeric and symbol, surely enough to pass most security policies yet even when stored as a “secure” salted hash, utterly useless.

The problem is the speed with which new hashes can be created once you have a dictionary of potential passwords, with hardware getting faster and faster. 

So what’s the solution? Key stretching, by iterating the hashing several times can offer a way to slow down hashing algorithms enough to make brute-force attack more difficult. Bcrypt and PBKDF2 are two such algorithms - these are called adaptive algorithms since they can be made slower over time (as hardware gets faster) by increasing the number of iterations. Bcrypt.NET implements the former and the DefaultMembershipProvider implements the latter. DefaultMembershipProvider uses 1000 iterations of SHA1 and is the default provider that is present in the ASP.NET MVC 4 template in VS 2012. Troy’s article Stronger password hashing in .NET.. explains how to use some of these alternatives, and also how to migrate your application to stronger hashes without breaking your authentication. 

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Educational Content

General Feedback
Bugs
Advertising
Editorial
InfoQ.com and all content copyright © 2006-2014 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT