Security 107: The Hashing Algorithm, and why Bcrypt is your best friend

When securing passwords, the effectiveness of the hashing algorithm must also be taken into consideration. Passwords these days should be hashed using AT LEAST the SHA-256 message digest, which produces a much stronger hash than the now-defunct MD5. The main reason for this is that the SHA-256 method produces a hash that is twice the size of its older counterpart (256 bits as opposed to 128 for MD5). More data contained within a hash means a greater number of possible combinations and greater protection from rainbow tables and brute-force attacks.

SHA-256 is a member of the SHA-2 family, which became more popular after flaws were discovered in SHA-1 back in 2005. However, it does have a major drawback that we touched on in the previous article: SHA-2 is fast, and that’s not what we want.

So now, we’re going to make the past couple of articles moot, and declare the following:
At the time of writing, bcrypt, or some other adaptive hashing algorithm, is the only way to really store passwords safely.

Bcrypt was proposed in a paper back in 1999, but the idea itself is the most important part – instead of creating a hashing function that will inherently become faster and faster as CPUs continue to chase Moore’s Law, Provos and Mazières put forward a system that includes a work factor, which effectively allows the developer to slow down the processing. Remember… for password storage, slow is good.

How slow? Bcrypt, with a work factor of 12, is about five orders of magnitude slower than MD5 for the same data. This won’t be particularly noticeable for a user (300ms for bcrypt; MD5 was far below one millisecond), but it will make a significant difference to any hacker trying to brute-force the password. Being able to slow down a hacker by this margin is both incredible, and necessary to keep your users’ data safe.
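To make the work-factor idea concrete, here is an added example (not code from the original post) of an adaptive password hash with bcrypt-style cost semantics. It uses the standard library's PBKDF2 as a stand-in for bcrypt so it runs without a third-party package; the storage format `pbkdf2-sha256$cost$salt$digest` and the function names are assumptions of this example.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Added example, not from the original post. PBKDF2-HMAC-SHA256 from hashlib
# stands in for bcrypt; the bcrypt-style cost parameter and the storage
# format "pbkdf2-sha256$cost$salt$digest" are assumptions of this example.

def cost_to_iterations(work_factor: int) -> int:
    """bcrypt semantics: the cost is a base-2 logarithm, so each +1 on the
    work factor doubles the work (work factor 12 -> 4096 rounds)."""
    if not 4 <= work_factor <= 31:
        raise ValueError("work factor must be between 4 and 31")
    return 1 << work_factor

def hash_password(password: str, work_factor: int = 12,
                  salt: Optional[bytes] = None) -> str:
    salt = salt if salt is not None else os.urandom(16)  # fresh salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                                 cost_to_iterations(work_factor))
    # The cost is stored beside the hash so it can be raised as hardware speeds up.
    return f"pbkdf2-sha256${work_factor}${salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> bool:
    scheme, cost, salt_hex, digest_hex = stored.split("$")
    if scheme != "pbkdf2-sha256":
        return False
    recomputed = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                     bytes.fromhex(salt_hex),
                                     cost_to_iterations(int(cost)))
    # Constant-time comparison so a mismatch does not leak where it differed.
    return hmac.compare_digest(recomputed, bytes.fromhex(digest_hex))

def time_hash(password: str, work_factor: int) -> float:
    """Seconds for one adaptive hash at the given work factor."""
    start = time.perf_counter()
    hash_password(password, work_factor)
    return time.perf_counter() - start

if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    for wf in (8, 10, 12):
        print(f"work factor {wf:2d}: {time_hash(pw, wf) * 1000:8.1f} ms")
    start = time.perf_counter()
    hashlib.md5(pw.encode("utf-8")).hexdigest()
    print(f"single MD5     : {(time.perf_counter() - start) * 1000:8.3f} ms")
```

Running it prints the per-hash time doubling with each step of the work factor next to a single MD5 call, which is the gap the paragraph above describes.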

In our final instalment we’ll wrap the series up with a few additional notes that pad out the material we’ve been discussing.
