3

I'm updating an old classic ASP site and I need to store password, so naturally I'm being a bit over cautious about how to go about this given the limitations of Classic ASP.

I'm using both a salt and a pepper (the pepper is a constant stored on the server, not in the database), and I'm just wondering, is there any benifit to shuffling / scrambling the characters of the "pepper + password + salt" string before hashing?

I've written a function that can scramble a string of any length based on a pre-defined (secret) sequence of numbers (the sequence is also stored on the server, not in the database). So the function will always return the same scrambled value rather than a random scrambled value (which of course would be of no use).

I've been reading up a lot on password salting, but I've never seen anyone suggest that the salted password be scrambled before hashing. But to me this seems like a great extra level of security.

Just wondering what others think?

Here's the scramble function (it's written in VBscript):

Function ScrambleSalt(the_str)

    '// Once you've joined the pepper + password + salt, you pass it through the "ScrambleSalt" function before 
    '// hashing. The "ScrambleSalt" function will scramble any string based on a pre-set sequence of numbers. 
    '// The sequence is imported from a txt file (kept in an offline folder, just like the pepper).

    '// The sequence needs to be an incremental collection of numbers (starting from 1) but in a random order 
    '// and comma delimited. Here's and example with 1 to 50, although the actual sequence uses 1 - 500:

    '// 22,8,21,45,49,42,3,36,11,47,19,9,15,23,40,16,29,31,43,38,44,4,41,13,35,26,17,14,10,28,6,5,34,12,39,1,
    '// 30,46,32,7,27,48,33,25,18,2,50,20,24,37

    '// (^ the numbers 1 to 50 in a random order)

    '// How the scrambling process works (using the above example sequence) is by rearranging the characters in 
    '// the string so that characters 22 appears first, followed by character 8, then character 21 etc, etc... 
    '// the function cycles through the sequence ignoring any numbers that are larger than the length of the 
    '// string until the characters in the string have all been rearranged (scrambled).

    '// If a string is more than 50 characters long, it will be split into individual strings, each containing 
    '// 50 characters (or a remainder in the case of the last string).

    '// So if the length of the string is 120 characters long, it will be split into 3 string:

    '// String 1 = 50 chars (chars 1 - 50)
    '// String 2 = 50 chars (chars 51 - 100)
    '// String 3 = 20 chars (chars 101 - 120)

    '// Each string will be scrambled, then joined back together before being returned by the function. 
    '// Using this method means the function can scramble strings of any length and without limit.

    Dim scramble_sequence, sequence_array, scramble_loop, in_loop_str, scrambled_str
    scramble_sequence = file_get_contents(request.ServerVariables("APPL_PHYSICAL_PATH") & "/../keys/scramble_sequence.txt")
    sequence_array = split(scramble_sequence,",")
    scramble_loop = Ceil(len(the_str),uBound(sequence_array)+1) '// round up
    for fx = 0 to scramble_loop-1
        in_loop_str = mid(the_str,fx*(uBound(sequence_array)+1)+1,uBound(sequence_array)+1)
        for fy = 0 to uBound(sequence_array)
            if int(sequence_array(fy)) =< len(in_loop_str) then
                scrambled_str = scrambled_str & mid(in_loop_str,int(sequence_array(fy)),1)
            end if
        next
    next
    ScrambleSalt = scrambled_str

End Function

function Ceil(dividend, divider) ' for rounding up a number
    if (dividend mod divider) = 0 Then
        Ceil = dividend / divider
    else
        Ceil = Int(dividend / divider) + 1
    end if
End function

function file_get_contents(file_path)
    Set fs = Server.CreateObject("Scripting.FileSystemObject")
    Set f = fs.OpenTextFile(file_path,1)
        file_get_contents = f.ReadAll
    f.Close : Set f = Nothing : Set fs = Nothing
end function

An example of the above function in action

pepper value used for this example = "XC3Qpm7CNXauwAbX"
scramble sequence used for this example = "9,39,50,43,18,11,36,7,29,41,27,34,12,45,1,14,42,13,6,4,25,19,24,33,30,20,23,10,46,16,49,38,15,5,17,8,47,28,26,3,2,40,37,44,35,32,48,22,31,21"

password = "p@44w0rd"
salt = "G1sWNd0andiIhOYA"

concatenated pepper+password+salt:
XC3Qpm7CNXauwAbXp@44w0rdG1sWNd0andiIhOYA

scrambled using the example sequence:
NY@aI7NsduXAwmQG4dnd4rXXObppCW13CAhia00w

SHA512 Hash:
9d5a7781eeb815250c55c1a1f172c569b3b6167a48951c819e4982bea9b84bd8ecad6a417ff8f110541a1039ddf1fd8daa61a52a7c401fccae71dda77c607540
Adam
  • 59
  • 2
  • 4
  • The purpose of salts is to render rainbow tables useless (because an attacker would have to re-calculate them for each hash they want to crack). Whether the salt is known to the attacker or not is irrelevant. What advantage does your approach gain you? – Ansgar Wiechers Oct 14 '17 at 13:38
  • I understand the purpose of a salt (which will be stored next to the hashed password). If the database was compromised a hacker could target a single account and rebuild a rainbow table implementing the salt. My thinking was that scrambling the password+salt rather than just concatenating the two would make this near impossible, not unless they have access to the website source code as well as the database... I also realise this is overkill, but it just seemed like a good additional level of security. – Adam Oct 14 '17 at 13:58
  • Rebuilding a rainbow table is essentially the same as brute-forcing the hash. Which the attacker could do anyway. – Ansgar Wiechers Oct 14 '17 at 15:01
  • I'm not sure I follow. How can someone brute force the hash if they don't know how the users password and salt have been combined? And even if they were able to brute force the hash, the password would be scrambled into the salt, so how would they be able to unscramble it and retrieve the password? – Adam Oct 14 '17 at 16:09
  • Plus I'm using a pepper too, which isn't stored in the database. – Adam Oct 14 '17 at 16:13
  • 1
    Google "Kerckhoff's Principle". Assume that the attacker knows how password and hash are combined. Anyway, you were asking if what you're doing is a good idea. My answer is: "no, it isn't". Do with that what you will. – Ansgar Wiechers Oct 14 '17 at 18:36
  • Thank you for you feedback, but I respectfully disagree, – Adam Oct 14 '17 at 20:05
  • I'd be happy to agree that it might be an unnecessary step, but I disagree that it doesn't improve the integrity of the hash. – Adam Oct 14 '17 at 20:09
  • @Adam It’s not going to make it any less secure, whether it’s worth it or not I’m unsure, you might get a better answer on [Information Security Stack Exchange](https://security.stackexchange.com/) though. – user692942 Oct 15 '17 at 05:46
  • 3
    I'm voting to close this question as off-topic because it belongs on [Information Security Stack Exchange](https://security.stackexchange.com/). – user692942 Oct 15 '17 at 05:48
  • Thank you @Lankymart I'll post it over there – Adam Oct 15 '17 at 12:14
  • Related - [Scrambling a salted password before hashing. Good idea or unnecessary?](https://security.stackexchange.com/q/171310/76700). – user692942 Oct 16 '17 at 14:41

1 Answers1

0

If someone has gained access to your database, they can also gain access to your scripts if they are on the same server.

Eric Shawn
  • 151
  • 6