
I'm using bcrypt locally since xampp has PHP 5.3 but online my hosting account only has PHP 5.2. Is there a good alternative I can use which works for 5.2?

Nasreddine
enchance

4 Answers

2

I think I should update and improve this answer, because I learned a lot about password hashing in the last years.

PHP version 5.5 will provide a convenient way to use BCrypt; for PHP version 5.3.7 and above there exists a compatibility pack. Please have a look at this answer.

For PHP versions before 5.3 it is recommended to use the phpass library; they support PHP back to version 3.

martinstoeckli
  • I think `hash_hmac` uses only a single iteration, which makes plain `hash_hmac` a bad choice for password hashing. – CodesInChaos Dec 03 '11 at 11:37
  • @CodeInChaos - If I understood the example correctly, it uses a part of the key to create a hash, and then uses the other part of the key to hash the hash. If one can believe the wiki article, it's safe because the outer hash function masks the result of the inner hash. – martinstoeckli Dec 03 '11 at 12:36
  • Plain HMAC is safe as a MAC, but it's too fast for a password hash. It's possible to build a good password hash based on HMAC, such as PBKDF2. – CodesInChaos Dec 03 '11 at 13:02
  • @CodeInChaos - Seems you are right, the HMAC is safe but too fast, and that makes it easier to make brute force attacks. Bcrypt will buy us some time, though in a few years the hash created now will be calculated too fast as well... What would you recommend to use with PHP 5.2? – martinstoeckli Dec 03 '11 at 13:36
  • At minimum you should iterate this a couple of thousand times. – CodesInChaos Jan 19 '13 at 20:34
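The comment thread above ends on a question the page never answers in code: PBKDF2 is the HMAC-based construction that fixes the single-iteration problem, and it can be built on PHP 5.2's own hash_hmac(). What follows is an added example by the editor, not code from the answer, the comments or any library. hash_hmac(), mcrypt_create_iv() and base64_decode()'s strict mode are real PHP functions available in 5.2; the function names, the record format and the default of 10000 iterations are this example's own assumptions. phpass, as the answer recommends, does the same job with far more review behind it; this shows what the construction actually is.

```php
<?php
// Added example, not code from the answer or comments above. PHP 5.2 lacks
// password_hash(), hash_pbkdf2() and openssl_random_pseudo_bytes(), but it has
// hash_hmac(), which is enough to build PBKDF2-HMAC-SHA256 (RFC 2898): the
// iterated HMAC construction mentioned in the comments. The storage format,
// function names and the default of 10000 iterations are this example's choices.

// PBKDF2 with PRF = HMAC-SHA256. Note which argument is the HMAC key: the
// password keys the HMAC, the salt and block index are the message.
function pbkdf2_sha256($password, $salt, $iterations, $key_length) {
    $block_count = (int) ceil($key_length / 32);          // SHA-256 emits 32 bytes
    $output = '';
    for ($i = 1; $i <= $block_count; $i++) {
        // U1 = HMAC(password, salt || INT_32_BE(i))
        $u = hash_hmac('sha256', $salt . pack('N', $i), $password, true);
        $t = $u;
        // U_j = HMAC(password, U_{j-1});  block = U1 xor U2 xor ... xor U_c
        for ($j = 1; $j < $iterations; $j++) {
            $u = hash_hmac('sha256', $u, $password, true);
            $t ^= $u;                                       // bytewise xor of equal-length strings
        }
        $output .= $t;
    }
    return substr($output, 0, $key_length);
}

// Cryptographic random bytes on 5.2: mcrypt's urandom reader if the extension
// is loaded, else /dev/urandom directly. Never fall back to mt_rand(): a
// predictable salt silently undoes the per-password salting.
function random_salt_bytes($length) {
    if (function_exists('mcrypt_create_iv')) {
        $bytes = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
        if ($bytes !== false && strlen($bytes) === $length) return $bytes;
    }
    $fp = @fopen('/dev/urandom', 'rb');
    if ($fp !== false) {
        $bytes = fread($fp, $length);
        fclose($fp);
        if (strlen($bytes) === $length) return $bytes;
    }
    trigger_error('no secure random source available', E_USER_ERROR);
}

// Constant-time comparison (hash_equals() only exists from PHP 5.6).
function slow_equals($a, $b) {
    if (strlen($a) !== strlen($b)) return false;
    $diff = 0;
    for ($i = 0; $i < strlen($a); $i++) {
        $diff |= ord($a[$i]) ^ ord($b[$i]);
    }
    return $diff === 0;
}

// Produce a self-describing record: algorithm, iteration count, per-password
// salt and derived key, so the count can be raised later without breaking
// existing users (their records still say how they were hashed).
function create_password_hash($password, $iterations = 10000) {
    $salt = random_salt_bytes(16);
    $dk = pbkdf2_sha256($password, $salt, $iterations, 32);
    return 'pbkdf2_sha256$' . $iterations . '$' . base64_encode($salt) . '$' . base64_encode($dk);
}

function verify_password_hash($password, $stored) {
    $parts = explode('$', $stored);
    if (count($parts) !== 4 || $parts[0] !== 'pbkdf2_sha256') return false;
    $iterations = (int) $parts[1];
    $salt = base64_decode($parts[2], true);
    $expected = base64_decode($parts[3], true);
    if ($iterations < 1 || $salt === false || $expected === false) return false;
    $actual = pbkdf2_sha256($password, $salt, $iterations, strlen($expected));
    return slow_equals($actual, $expected);
}

// Known-answer test from the published PBKDF2-HMAC-SHA256 vectors
// (password "password", salt "salt", 1 iteration, 32 bytes). Run it before
// trusting a hand-written KDF: an off-by-one in the loop still "works" and
// still verifies, it just is not PBKDF2 any more.
$kat = bin2hex(pbkdf2_sha256('password', 'salt', 1, 32));
if ($kat !== '120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b') {
    die("pbkdf2_sha256 self-test failed: $kat\n");
}

$record = create_password_hash('correct horse battery staple');
echo $record, "\n";
var_dump(verify_password_hash('correct horse battery staple', $record));
var_dump(verify_password_hash('Correct horse battery staple', $record));
```

Tune the iteration count on the production host so that one verification costs on the order of 100 ms; because the count is stored in each record, raising the default later affects only new hashes, and an old record can be rehashed on the user's next successful login.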
1

I'm using bcrypt ... Is there a good alternative I can use which works for 5.2?

See Openwall's PHP password hashing framework (PHPass). It's portable and hardened against a number of common attacks on user passwords. The guy who wrote the framework (SolarDesigner) is the same guy who wrote John The Ripper and sits as a judge in the Password Hashing Competition. So he knows a thing or two about attacks on passwords.

jww
0

Check out the Mcrypt PHP extension. It's been around for a long time and has several different algorithms. bcrypt appears to just be a Blowfish wrapper. You could just as easily use PHP's crypt() function, and pass the appropriate salt to force the function to use Blowfish:

// crypt($plaintext, $salt);
// How you define $salt determines the hashing algorithm used:
// "$2a$" selects Blowfish, "12" is the cost, then exactly 22 salt characters from ./A-Za-z0-9
$hash = crypt('PASSWORD', '$2a$12$Some22CharacterSaltXXO');
echo $hash;

// Output would be $2a$12$Some22CharacterSaltXXO6NC3ydPIrirIzk1NdnTz0L/aCaHnlBa

The PHP manual page (linked above) has the explanation of why the password salt looks the way it does in my example above. The $2a$ tells PHP to use Blowfish, the 12$ is a cost modifier; a number between 04 (yes, it has to be 2 digits) and 31 that (I believe) affects the number of iterations the hashing mechanism uses. As you can see, the salt is included in the output from the call to crypt(), so when you need to check something against the hash you need to retrieve the hash first (from the file or database where it's stored) to pull out the salt.

WWW
  • Is mcrypt as good as bcrypt? My field is set to CHAR(60) with the assumption that I'll be using bcrypt. – enchance Dec 03 '11 at 07:41
  • You should suggest a specific function. mcrypt has quite a lot of functions for different purposes. At a glance I see no function that's suitable for password hashing. – CodesInChaos Dec 03 '11 at 11:40
  • All `bcrypt` appears to be is a wrapper for Blowfish. I'll update my answer accordingly. – WWW Dec 05 '11 at 14:18
  • How is bcrypt a blowfish wrapper? It's based on blowfish, yes. But it's certainly not plain blowfish. – CodesInChaos Dec 05 '11 at 22:10
  • It's Blowfish with a cost parameter, and from what I've read all that cost parameter does is determine the number of operations used to encrypt the password. If you feel differently, please feel free to post your research. Otherwise, I consider you trolling and I won't respond. – WWW Dec 06 '11 at 14:50
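The snippet in this answer shows the crypt() call with a salt typed into the source. For a real login system the salt has to be random per password, the host has to actually have Blowfish in its crypt(), and the check has to re-run crypt() with the stored hash as the salt. The following is an added example by the editor, not code from the answer; it assumes the mcrypt extension is loaded, because mcrypt_create_iv() is the one thing mcrypt usefully contributes to password storage. Function names and the cost of 12 are this example's choices. One caveat a practitioner wants before relying on this on PHP 5.2: crypt() there defers to the C library, so CRYPT_BLOWFISH can be 0 on a shared host (PHP only bundled its own Blowfish from 5.3.0), and the correctness of the hash is the system library's, not PHP's. On the dispute in the comments: bcrypt runs Blowfish's expensive key schedule 2^cost times over the password and salt and then repeatedly encrypts a fixed string, so it is built from the Blowfish primitive but is not Blowfish encryption of the password.

```php
<?php
// Added example, not the answer's own code. The answer's snippet hard-codes one
// salt for everyone; two users with the same password then share a hash and one
// precomputed table covers all accounts. Below, each password gets a fresh
// random salt, Blowfish support is checked first, and verification feeds the
// stored hash back into crypt(). Assumes the mcrypt extension is loaded for
// mcrypt_create_iv(); function names and the cost of 12 are this example's choices.

// Before PHP 5.3.0 crypt() defers to the C library's crypt(), so Blowfish may
// simply be missing on a shared host. PHP reports availability as CRYPT_BLOWFISH.
if (!defined('CRYPT_BLOWFISH') || CRYPT_BLOWFISH !== 1) {
    die("this host's crypt() has no Blowfish support; use PHPass or PBKDF2 instead\n");
}

// Build a "$2a$NN$" prefix plus 22 fresh salt characters. bcrypt's salt
// alphabet is ./A-Za-z0-9 and base64's differs only in '+' versus '.', so
// 16 random bytes -> 24 base64 chars -> swap '+' for '.' -> keep 22.
function bcrypt_salt($cost) {
    if ($cost < 4 || $cost > 31) {
        trigger_error('bcrypt cost must be between 4 and 31', E_USER_ERROR);
    }
    $bytes = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM);
    if ($bytes === false || strlen($bytes) !== 16) {
        trigger_error('mcrypt_create_iv() failed; no entropy for the salt', E_USER_ERROR);
    }
    $salt22 = substr(strtr(base64_encode($bytes), '+', '.'), 0, 22);
    return '$2a$' . str_pad($cost, 2, '0', STR_PAD_LEFT) . '$' . $salt22;   // cost is two digits
}

// Hash a password. A bcrypt result is always 60 characters; crypt() reports
// failure with a much shorter string, which must never be stored as a hash.
function bcrypt_hash($password, $cost = 12) {
    $hash = crypt($password, bcrypt_salt($cost));
    if (strlen($hash) !== 60) {
        trigger_error('crypt() did not produce a bcrypt hash', E_USER_ERROR);
    }
    return $hash;
}

// Verify: given the full stored hash as its "salt", crypt() reuses the $2a$,
// cost and salt prefix it finds there, so the output equals the stored value
// exactly when the password matches. Compared in constant time
// (hash_equals() does not exist before PHP 5.6).
function bcrypt_verify($password, $stored_hash) {
    if (strlen($stored_hash) !== 60) return false;
    $candidate = crypt($password, $stored_hash);
    if (strlen($candidate) !== 60) return false;
    $diff = 0;
    for ($i = 0; $i < 60; $i++) {
        $diff |= ord($candidate[$i]) ^ ord($stored_hash[$i]);
    }
    return $diff === 0;
}

// The cost is logarithmic: each +1 doubles the key-setup work (2^cost rounds),
// which is how the same scheme is kept slow as hardware gets faster.
$h10 = bcrypt_hash('hunter2', 10);
$h12 = bcrypt_hash('hunter2', 12);
echo $h10, "\n", $h12, "\n";   // same password, different salt and cost, so different hashes
var_dump(bcrypt_verify('hunter2', $h12));
var_dump(bcrypt_verify('hunter3', $h12));
var_dump(bcrypt_verify('hunter2', $h10));
```

Time bcrypt_hash() on the real host and pick the largest cost that keeps a login under roughly 100 ms; since the cost travels inside the 60-character hash, a record made at cost 10 still verifies after the default is raised, and can be rehashed at the new cost on the next successful login.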
-3

It depends on where and what you store your passwords for.

For an online website (with users etc.) I would do this:

$hash = "jr38028(/#Fjg4i4g438h9)(#Hhhf3,..;uh#F)8";
$hashed = sha1($hash . $PASSWORD . $hash); // where $PASSWORD is the variable that's holding the password.
echo $hashed; // shows the hashed password.

Edited after doing something wrong. Forgot to hash inside the function; also changed to sha1 instead of md5. And haters, love you too <3

Stian Olsen
  • 2
    Actually the salt should go into the hash function, to prevent rainbow table attacks. Adding it to the already hashed value, won't increase the security, it's easy to see that all values have the same begin and the same end. And why use `md5()`, when there are a lot of better hash methods like sha256 or ripemd256 ? – martinstoeckli Dec 03 '11 at 09:01
  • 2
    -1 Single iteration and no working salt. And md5 isn't the best hash function either, but that's the least of the problems with this code. You did pretty much everything wrong that can be done wrong. – CodesInChaos Dec 03 '11 at 11:38
  • agreed, swipper next time before giving answers on security topics like this think twice – dynamic Dec 03 '11 at 12:42