Fast Hashes Kill Cryptographic Security

by Roopesh Shenoy on Jul 30, 2012 |

Fash Hashing algorithms such as MD5, SHA or SHA1 are not meant for security – to protect critical information, especially passwords, hashing algorithms must be intentionally slowed down to counter brute-force attacks. Troy Hunt, a Microsoft MVP, demonstrates how  the password hashes provided by SqlMembershipProvider are vulnerable to brute-force attacks.

SqlMembershipProvider is the default membership provider that comes with the ASP.NET web application template in VS 2010. In his article Our password hashing has no clothes, Troy demonstrates how the salted SHA1 hash based password security used in the SqlMembershipProvider can be cracked by using a GPU, a dictionary called hashkiller and a brute force algorithm. In a sample size of 40,000, real life passwords (taken from an earlier breach), the algorithm cracked 24,710, or 67% of the passwords, in 45 minutes. And these include passwords that would pass as being strong -

How about “volleyball6” – 11 chars of two different types. Further up the list was “zaq1@WSX” – 8 chars of upper, lower numeric and symbol, surely enough to pass most security policies yet even when stored as a “secure” salted hash, utterly useless.

The problem is the speed with which new hashes can be created once you have a dictionary of potential passwords, with hardware getting faster and faster. 

So what’s the solution? Key stretching, by iterating the hashing several times can offer a way to slow down hashing algorithms enough to make brute-force attack more difficult. Bcrypt and PBKDF2 are two such algorithms - these are called adaptive algorithms since they can be made slower over time (as hardware gets faster) by increasing the number of iterations. Bcrypt.NET implements the former and the DefaultMembershipProvider implements the latter. DefaultMembershipProvider uses 1000 iterations of SHA1 and is the default provider that is present in the ASP.NET MVC 4 template in VS 2012. Troy’s article Stronger password hashing in .NET.. explains how to use some of these alternatives, and also how to migrate your application to stronger hashes without breaking your authentication. 

Rate this Article


Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

General Feedback
Marketing and all content copyright © 2006-2016 C4Media Inc. hosted at Contegix, the best ISP we've ever worked with.
Privacy policy

We notice you're using an ad blocker

We understand why you use ad blockers. However to keep InfoQ free we need your support. InfoQ will not provide your data to third parties without individual opt-in consent. We only work with advertisers relevant to our readers. Please consider whitelisting us.