1

I'd like to use Portable PHP password hashing framework to hash passwords. But I find that its demos don't use salt for hashing a password. But it use a dummy salt for checking password which I find it strange and I don't understand this idea at all,

$dummy_salt = '$2a$08$1234567890123456789012';

if (isset($dummy_salt) && strlen($hash) < 20)
        $hash = $dummy_salt;

I wonder, if I want to use convention method which I can generate the unique salt and store it for each user in my database, how can I use Portable PHP password hashing framework to generate salts?

This is the function I use to hash passwords but I have been told that sha512 has the same issue as sha1, wise to trust the expert like Portable PHP password hashing framework,

function hash_sha512($phrase,&$salt = null)
{
    //$pepper = '!@#$%^&*()_+=-{}][;";/?<>.,';

    if ($salt == '')
    {
        $salt = substr(hash('sha512',uniqid(rand(), true).PEPPER_KEY.microtime()), 0, SALT_LENGTH);
    }
    else
    {
        $salt = substr($salt, 0, SALT_LENGTH);
    }

    return hash('sha512',$salt.PEPPER_KEY.$phrase);
}

Let me know if you have any idea. Thanks.

Run
  • 54,938
  • 169
  • 450
  • 748

1 Answers1

4

From the phpass article linked to from that page:

Besides the actual hashing, phpass transparently generates random salts when a new password or passphrase is hashed, and it encodes the hash type, the salt, and the password stretching iteration count into the "hash encoding string" that it returns. When phpass authenticates a password or passphrase against a stored hash, it similarly transparently extracts and uses the hash type identifier, the salt, and the iteration count out of the "hash encoding string". Thus, you do not need to bother with salting and stretching on your own - phpass takes care of these for you.

...so it's not surprising that the examples don't use salting! You may be over-seasoning your code.

The code sample with the dummy salt is an example of how to prevent a timing attack by making sure that whether a user exists or not, the validation of the user takes the same amount of time, effectively by doing a dummy authentication for non-existent users. It needs a dummy salt because if the user doesn't exist, it won't have a stored salt to use.

Matt Gibson
  • 37,886
  • 9
  • 99
  • 128
  • thanks. should I use the dummy salt for preventing the timing attack then? – Run Jan 26 '11 at 15:21
  • @lauthiamkok That's up to you, really, and depends on the rest of your setup. For example, if your website will allow people to add new accounts and tells them if a username they choose already exists, then there's not much point preventing an attacker working the same thing out with an authentication timing attack! – Matt Gibson Jan 26 '11 at 15:25