Page 1 of 2 12 Last
  • Jump to page:
    #1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    146
    Rep Power
    2

    Question Crypt() without salt gives longer string than with salt??


    Hi all,

    I was under the impression, that using a salt for php crypt() function would make a string more crypted. however, when I do this:
    PHP Code:
    //$randomID generated to 10 varchar string
    $cleanpw1 crypt('thispassword1111');
    $cleanpw2 crypt('thispassword1111'md5('thispassword1111'));
    $cleanpw3 crypt('thispassword1111'md5($randomID));
    echo 
    $cleanpw1."<br>".$cleanpw2."<br>".$cleanpw3
    the output I get is:
    $1$zKCoK2/i$jElx3xuWMYwN8VsxHLY3x/
    ef827I6B6vgQ2
    27j6vsZz7cGqE
    to me, it looks like the unsalted crypt() gives a string that would be more crypted/secure. am I missing something here?

    b.t.w. the shared server I'm on does not have blowfish, sha256 or sha512.
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2012
    Posts
    194
    Rep Power
    76
    should be:
    PHP Code:
    //$randomID generated to 10 varchar string
    $cleanpw1 crypt('thispassword1111');
    $cleanpw2 crypt('thispassword1111'.md5('thispassword1111'));
    $cleanpw3 crypt('thispassword1111'.md5($randomID));
    echo 
    $cleanpw1."<br>".$cleanpw2."<br>".$cleanpw3
    notice the difference?

    Comments on this post

    • Jacques1 disagrees : What are you talking about?
  4. #3
  5. Come play with me!
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    13,756
    Rep Power
    9397
    The salt also indicates what hashing mechanism to use. Read the documentation.

    Your md5() hash salt tells crypt to use a DES hash. That's not very useful because the hash is so small, as you've seen. Without, your system is using an MD5 hash which is much better.

    The correct way to do this (using an MD5 hash) would be more like
    PHP Code:
    $cleanpw crypt('thispassword1111''$1$' substr(uniqid(time(), true), -9)); 
    Last edited by requinix; April 24th, 2013 at 05:48 PM.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    146
    Rep Power
    2
    I sure do. Thanks for the info.

    When I make that change, now, they are all 35 characters (including the preceeding $1$).

    So it looks like there really isn't a need to state a salt in the function.

    In otherwords, simply doing
    PHP Code:
    $cleanpw1 crypt('thispassword1111'); 
    is as sufficient as using the salt. Might as well keep it simple and just go with: $cleanpw1 = crypt('thispassword1111');
  8. #5
  9. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,933
    Rep Power
    1045
    Hi,

    the "salt" argument is actually a configuration string indicating the algorithm, possibly the number of rounds (depending on the algorithm) and the salt.

    The results you got were generated by completely different algorithms. The first is md5crypt (which is the default on your system), the other two are DEScrypt (due to the lack of an algorithm prefix). None of them are anywhere near secure.

    Do not use crypt() directly unless you know exactly what you're doing. If you just wanna generate password hashes, use a password library like password_compat or PHPass.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    146
    Rep Power
    2
    Thanks for the reply. I've looked at those other options as well, but since I'm not on a PHP version 5.3+, would not be able to use them.

    I've also read that the native php crypt() is a preferred method. Your suggesting it's not?
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    146
    Rep Power
    2
    Originally Posted by requinix
    The salt also indicates what hashing mechanism to use. Read the documentation.

    Your md5() hash salt tells crypt to use a DES hash. That's not very useful because the hash is so small, as you've seen. Without, your system is using an MD5 hash which is much better.

    The correct way to do this (using an MD5 hash) would be more like
    PHP Code:
    $cleanpw crypt('thispassword1111''$1$' substr(uniqid(time(), true), -9)); 
    When I run this code
    PHP Code:
    $cleanpw crypt('thispassword1111''$1$' substr($randomID(time(), true), -9)); 
    I get this:
    Fatal error: Call to undefined function DgoG5M789R()
    When I run this:
    PHP Code:
    $cleanpw crypt('thispassword1111''$1$' substr($randomID, -9)); 
    It works, but again is a 35 character string. So in the end, it still looks like simply doing this
    PHP Code:

     $cleanpw1 
    crypt('thispassword1111'); 
    Will give the same type of encrypted results. Is that, essentially, the case?
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    146
    Rep Power
    2
    Also, when I run $cleanpw1 = crypt('thispassword1111'); and echo the result...when I refresh the page I see the result changes each time.

    This is how a "check" is supposed to be made against the stored crypted version:
    PHP Code:
    if (crypt($user_input$hashed_password) == $hashed_password) {
       echo 
    "Password verified!";

    Question, if runing crypt against the user's password (testing with thispassord1111 in this case) produces different results each time it's run...how can it be expected to compare on the first time, each time?
  16. #9
  17. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,933
    Rep Power
    1045
    Originally Posted by we5inelgr
    Thanks for the reply. I've looked at those other options as well, but since I'm not on a PHP version 5.3+, would not be able to use them.
    PHPass starts at PHP 3. If your hoster doesn't even have that, I think it's time to switch.



    Originally Posted by we5inelgr
    I've also read that the native php crypt() is a preferred method. Your suggesting it's not?
    No, definitely not. crypt() is a lowlevel function for use in cryptographic libraries. It's clearly not meant for "end users". That's what the libraries are for. PHP 5.5 will have a native password API.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  18. #10
  19. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,301
    Rep Power
    7170
    If you don't specify a second argument to crypt it picks its own algorithm and randomly generates its own salt. This is why the output is different every time you refresh the page.

    When you're checking the password you're giving crypt the original salt to use, so the value it generates is the same (assuming the password is the same).

    Fatal error: Call to undefined function DgoG5M789R()
    That's because you changed 'uniqid' to '$randomID'.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    146
    Rep Power
    2
    Originally Posted by Jacques1
    PHPass starts at PHP 3. If your hoster doesn't even have that, I think it's time to switch.





    No, definitely not. crypt() is a lowlevel function for use in cryptographic libraries. It's clearly not meant for "end users". That's what the libraries are for. PHP 5.5 will have a native password API.
    Right now, we're on version 5.x So for now I'll need to work with what I've got. When they move to version 5.5, I will modify the code to take advantage of the new API. Thanks.
  22. #12
  23. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    146
    Rep Power
    2
    Originally Posted by E-Oreo
    If you don't specify a second argument to crypt it picks its own algorithm and randomly generates its own salt. This is why the output is different every time you refresh the page.

    When you're checking the password you're giving crypt the original salt to use, so the value it generates is the same (assuming the password is the same).

    When I run this:
    PHP Code:
    $cleanpw crypt('thispassword1111'.md5('static_string')); 
    I get a different result each time I refresh the page. Isn't this telling php to use the md5 salt, with the string (that doesn't change)?

    I'm still missing something here. How to get this to output the same $cleanpw each time?
    Last edited by we5inelgr; April 25th, 2013 at 12:54 AM.
  24. #13
  25. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,301
    Rep Power
    7170
    PHP Code:
    $cleanpw crypt('thispassword1111'.md5('static_string')); 
    That is not the correct way of using crypt; it is not telling PHP to use the md5 salt, it's telling PHP to randomly generate its own salt. See post #3 by requinix for an example of using crypt.

    The salt value is always passed as the second argument; however, as Jacques1 indicated, the second argument is more than just the salt. It also contains configuration information about which algorithm to use for hashing.

    How to get this to output the same $cleanpw each time?
    Just like you did in post #8:
    PHP Code:
    if (crypt($user_input$hashed_password) == $hashed_password) {
       echo 
    "Password verified!";

    As Jacques1 mentioned, crypt is not a simple function to understand, although that doesn't mean you should give up on trying to learn about it.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  26. #14
  27. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,933
    Rep Power
    1045
    Originally Posted by we5inelgr
    Right now, we're on version 5.x
    Again: PHPass starts at PHP 3. PHP 5 came after PHP 3. This means you can and should use PHPass.

    Do not fumble with cryptographic functions unless you really, truly know what you're doing. I know this sounds terribly condescending, but when you use md5() like that and confuse string concatenation with passing the salt parameter, it's time to stop.

    Unfortunately, PHP with its terrible md5() function has poisoned people's minds and tricked them into believing that everybody is a cryptographer and that everybody can make their own crypto scheme with a bit of md5(), rand() and whatnot. This is a lie. Choosing the right hash algorithm, generating secure salts, applying the hash correctly requires actual knowledge. We should leave it to the experts -- just like we leave brain surgeries to the doctors and the maintenance of airliners to mechanics.

    There are several established libraries for every possible PHP version, written by people who know this stuff better than any of us. Why don't we just use those libraries? Why does everybody have to reinvent the wheel again and again and fail again and again?

    Don't get me wrong: It's great to learn new things. If you're interested in the crypt() function, go ahead and learn how to use it. Maybe write your own implementation of MD5. Anything. But do not use those things on an actual website when you don't know how they work. Just imagine all your passwords and email addresses being exposed due to some misunderstanding ("Oops, I didn't know that time() makes a bad salt"). Not cool, right?

    Comments on this post

    • Matt1776 agrees : absolutamente
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  28. #15
  29. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2012
    Posts
    146
    Rep Power
    2
    Originally Posted by Jacques1
    Again: PHPass starts at PHP 3. PHP 5 came after PHP 3. This means you can and should use PHPass.

    Do not fumble with cryptographic functions unless you really, truly know what you're doing. I know this sounds terribly condescending, but when you use md5() like that and confuse string concatenation with passing the salt parameter, it's time to stop.

    Unfortunately, PHP with its terrible md5() function has poisoned people's minds and tricked them into believing that everybody is a cryptographer and that everybody can make their own crypto scheme with a bit of md5(), rand() and whatnot. This is a lie. Choosing the right hash algorithm, generating secure salts, applying the hash correctly requires actual knowledge. We should leave it to the experts -- just like we leave brain surgeries to the doctors and the maintenance of airliners to mechanics.

    There are several established libraries for every possible PHP version, written by people who know this stuff better than any of us. Why don't we just use those libraries? Why does everybody have to reinvent the wheel again and again and fail again and again?

    Don't get me wrong: It's great to learn new things. If you're interested in the crypt() function, go ahead and learn how to use it. Maybe write your own implementation of MD5. Anything. But do not use those things on an actual website when you don't know how they work. Just imagine all your passwords and email addresses being exposed due to some misunderstanding ("Oops, I didn't know that time() makes a bad salt"). Not cool, right?

    Yes, I'm trying to learn how to use crypt(). No, this isn't being used on a production web site. It's being tested on a unit test server.

    PHPass uses CRYPT_BLOWFISH first (which I've mentioned I don't have access to in the OP), and MD5 as a fallback (which is apparently bad from what you say). So I'm not understanding how PHPass would benefit me?

    And, since PHPass is (apparently) pretty well know, doesn't that make it a target for hackers?

    And lastly, from the PHPass site:
    http://www.openwall.com/articles/PHP-Users-Passwords

    They state:
    Decent systems/applications do not actually store users' passwords. Instead, they transform new passwords being set/changed into password hashes with cryptographic (one-way) hash functions, and they store those hashes. They should preferably use hash functions intended for password hashing. Direct/naive use of other cryptographic hash functions, such as PHP's md5(), sha1(), or hash('sha256', ...) for that matter, has dire consequences.
    So they are saying that the prefered method is to use a one-way hash function, which is exactly what crypt() is.

    Thanks again.
    Last edited by we5inelgr; April 25th, 2013 at 05:41 PM.
Page 1 of 2 12 Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo