Protecting Your Clients' Privacy
- 2. ProtectingYour Users’ Privacy @_aijaz_ Password Data on Remote Servers Two Simple Things
- 4. Survive
- 6. SELECT * FROM USERTABLE WHERE login = ‘admin’ AND password = ‘secret’ secret $2a$07$Me1Q2TCPPce0oiUZ6IlJIQ3td4OKz/Pow2G One Way Hash Algorithm
- 7. $2a$07$Me1Q2TC6IlJIQ3td4OKz/Pow2G SELECT * FROM USERTABLE WHERE login = ‘admin’ AND password=crypt(‘secret’, password) Modern databases support many kinds of hashes.
- 8. Salts Login: [email protected] Password: ‘hello’ Salt: 23ddkc Hash: $2a$05$23ddkc20ker0998Q... Login: [email protected] Password: ‘hello’ Salt: Zff7dk Hash: $2a$05$Zff7dkf93kNSqnzC...
- 9. Use Random Salts [email protected] | ab287efee2876aa... [email protected] | ab287efee2876aa... ... [email protected] | ab287efee2876aa...
- 11. Target hash: $2a$05$23ddkc20ker09 ‘open!‘ -> $2a$05$dhwefu23823ld NO MATCH ‘sesame!’ -> $2a$05$39dk2sdkfu3el NO MATCH ... ‘friend’ -> $2a$05$23ddkc20ker09 ENTER!
- 12. Guessing Passwords Your System can throttle, lock out Password files can be analyzed offline
- 13. 1- Use bcrypt $2a$05$d098b0fc4aZKYOHnlPZff7NSqnzCrPwn0yqnyi 2 5 iterations $2a$10$8ib9C2Zk8dDAPE8Kim0ogE9su11SDyHGuv4YUC 2 10 iterations - much more secure, much slower You get to choose how many iterations you want. The hash includes a random salt.
- 14. Increasing Iterations password = cgi->fields->password if (password is valid) { numIter = substr(hash, 4, 2); numIter++; newhash = bcrypt(password, numIter); replace hash with newhash in database } $2a$05$d098b0fc4aZKYOHnlPZff7NSqnzCrPwn0yqnyi $2a$10$8ib9C2Zk8dDAPE8Kim0ogE9su11SDyHGuv4YUC
- 15. Secure Hashes are Slow Algorithm Guessing Speed Unsalted SHA-1 SHA512 bcrypt(10) bcrypt(16) bcrypt(20) 15.5 Billion guesses/second 11,000 guesses/second 11 guesses/second 5.5 seconds/guess 87.5 seconds/guess
- 16. Reusing a Password Facebook User: [email protected] Password:‘bob’ Twitter User: [email protected] Password:‘bob’ MegaBank User: [email protected] Password:‘bob’ Your Site User: [email protected] Password:‘bob’
- 17. Your Password File [email protected]:$2a$16$873AB23783... [email protected]:$2a$16$23d98Q7K129S... [email protected]:$2a$16$12AB43BBCE... A good guess for bob’s password:‘bob’ Total time to crack: 5.5 seconds.
- 18. User: [email protected] Password:‘bob’ In the database: User: $2a$05$d098b0fc.... Password: $2a$05$23d98Q... 2 - Hash the email Without a user name, a password is worthless
- 19. Using a Hashed Email ✦ Normalize the email ✦ remove leading and trailing spaces ✦ convert to lower case ✦Guaranteed to get same hash every time ✦ Hash the normalized email ✦ Use that hash when adding a user or querying on login.
- 20. Welcome, [email protected]!! Store it in the session Now, only current sessions are at risk Delete when the session expires Encrypt it for additional safety
- 21. Uploading The Address Book Never upload email addresses Upload their hashes instead Only upload what you need
- 23. My Address Book: Dave: [email protected] Aijaz’s Address Book: Dave: $2a$05$qZHnl.... Later, Dave registers as [email protected] Insert user with email: $2a$05$qZHnl.... SELECT * FROM FRIENDS WHERE EMAIL=’ $2a$05$qZHnl....’
- 25. Dave, you might know Aijaz Aijaz, you might know Dave You really didn’t need to upload the email
- 26. What to Remember Hash passwords with bcrypt http://TheJoyOfHack.com/ @_aijaz_ Thank
- 27. you! Hash identifying data, too Don’t store anything you don’t need