-2

I always hear about how unsafe md5 hashes are, so I wrote this, in hopes that it would be more secure... I know about the other hashes, but my question is:

If I stored my passwords hashed by this function do you think that anyone could reverse or lookup these hashes in order to unobfuscate these passwords?

<?php /*
  Script Written By Michael O'Neal on 12/12/2015

  How to use:
  $info = "Info to destroy"
  $salt = "Something to add to $info to spice it up"
  $level = "how many repetitions of 1000 to hash $info with salt"

  */

  function destroy($info, $salt, $level){
    for($i=0;$i!=($level*1000)+1;$i++){
      $info = md5($info.$salt);
    }
    return $info;
  }
?>

2 Answers

1

The first question should be, why would you invent your own scheme, if there are proven ones? This looks a bit similar to PBKDF2, but it is not exactly.

Let's examine some details:

  1. The parameter $info is not passed by reference, so without a return, your function does not do anything.
  2. With $level = 1 how many iterations would you do, 1000, 1001?
  3. How would you verify the password, how do you know about the used salt and the level, where are they stored?
  4. How would you generate a safe salt, would it be binary with possible \0 characters or generated by PHP's rand() function?

All those details may look like small mistakes, but it shows how easy it is to make mistakes when it comes to password security, and a small mistake can ruin the whole security. So please consider using the PHP function password_hash(), it handles all the difficult parts about safely storing passwords:

// Hash a new password for storing in the database.
// The function automatically generates a cryptographically safe salt.
$hashToStoreInDb = password_hash($password, PASSWORD_DEFAULT);

// Check if the hash of the entered login password, matches the stored hash.
// The salt and the cost factor will be extracted from $existingHashFromDb.
$isPasswordCorrect = password_verify($password, $existingHashFromDb);
martinstoeckli
  • The only problem with using PHP's password hash is that any PHP programmer that found my hashes would probably assume that I used password_hash to hash the password then be able to jump straight into a brute force attack. – Michael O'Neal Dec 14 '15 at 23:45
  • @MichaelO'Neal Security is not obtained by keeping the method secret, that never actually works. The answer is in strong well known and well vetted algorithms. It is doubtful PHP's password_hash is weak. The weakness is in the user selected passwords. – zaph Dec 15 '15 at 00:46
  • @MichaelO'Neal - This is a reasonable objection, in the end it is always a matter of trust, as long as you are not a cryptographer yourself. Keeping the algorithm a secret is not the way to go though, there are better ways to add an additional secret, have a look at this [answer](http://stackoverflow.com/a/34233345/575765) or at the end of my tutorial about [safely storing passwords](http://www.martinstoeckli.ch/hash/en/index.php). – martinstoeckli Dec 15 '15 at 07:50
0

Yes.

"Schneier's Law": Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break.

Now comes along Michael O'Neal who thinks he can do better.

The existing hashes have had intensive peer review by domain experts.

For hashing passwords the current best practice is PBKDF2 (Password Based Key Derivation Function). See NIST Special Publication 800-132. It is well vetted.

Many implementations also provide a calibration function for the number of iterations.

zaph
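The PBKDF2 approach and the iteration-count calibration mentioned in the answer above, as an added example that is not code from either answer. It also covers the points listed in the first answer: an exact iteration count, a CSPRNG salt, and the salt and cost stored next to the hash. The function names, the `pbkdf2$sha256$...` storage format and the 100 ms target are assumptions made for illustration.

```php
<?php
// Added example (not from the answers). Assumed names and format:
// "pbkdf2$sha256$<iterations>$<base64 salt>$<base64 key>", 100 ms target.
declare(strict_types=1);

const ALGO = 'sha256';
const SALT_BYTES = 16;
const KEY_BYTES = 32;

// Double the iteration count until one derivation costs >= $targetMs here.
function calibrateIterations(float $targetMs = 100.0, int $start = 10000): int
{
    for ($n = $start; ; $n *= 2) {
        $t0 = hrtime(true);
        hash_pbkdf2(ALGO, 'calibration', str_repeat("\0", SALT_BYTES), $n, KEY_BYTES, true);
        if ((hrtime(true) - $t0) / 1e6 >= $targetMs) {
            return $n;
        }
    }
}

// Salt comes from the CSPRNG; salt and iteration count travel with the hash.
function hashPassword(string $password, int $iterations): string
{
    $salt = random_bytes(SALT_BYTES);
    $key = hash_pbkdf2(ALGO, $password, $salt, $iterations, KEY_BYTES, true);
    return implode('$', ['pbkdf2', ALGO, $iterations, base64_encode($salt), base64_encode($key)]);
}

// Re-derive with the stored parameters and compare in constant time.
function verifyPassword(string $password, string $stored): bool
{
    $p = explode('$', $stored);
    if (count($p) !== 5 || $p[0] !== 'pbkdf2' || $p[1] !== ALGO || !ctype_digit($p[2])) {
        return false;
    }
    $salt = base64_decode($p[3], true);
    $expected = base64_decode($p[4], true);
    if ((int) $p[2] < 1 || $salt === false || $expected === false || strlen($expected) !== KEY_BYTES) {
        return false;
    }
    $actual = hash_pbkdf2(ALGO, $password, $salt, (int) $p[2], KEY_BYTES, true);
    return hash_equals($expected, $actual);
}

$iterations = calibrateIterations();
$stored = hashPassword('correct horse battery staple', $iterations); // constructed sample input
var_dump($stored, verifyPassword('correct horse battery staple', $stored), verifyPassword('wrong guess', $stored));
```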