Client side password hash versus plain text
I'm putting together an Android client (and possibly in the future iOS, web portal, etc.) and PHP/MySQL server. Server side I am currently using the PHPass library to hash and salt the incoming passwords.
Should I make the client send plain text passwords over HTTPS/SSL, or should the client do some form of hashing first? For example, should every client simply sha1 (or some other algorithm) every outgoing password?
Most websites will send the password plain-text over an encrypted connection SSL/HTTPS. Hashing the password client-side can be done, but the advantage is small and often client-side languages (JavaScript) are slow, so you can calculate fewer rounds in the same time, which weakens the hash. In every case the server must calculate a hash as well to be safe.
The advantage is small, because if an attacker can do a Man-In-The-Middle attack, he can also modify/remove the script (JS) which does the hashing. Only an encrypted connection with SSL/HTTPS can protect against a MITM attack, so you need SSL anyway.
In your case with an app, it looks slightly different. Because the user first has to install your software, there is no need to send a script to the client, so a MITM cannot modify this script. Moreover, the app can calculate the hash relatively fast (if it can run native code) and therefore can do enough rounds on client-side.
This is what I would do:
Another disadvantage of hashing passwords on the client is that you cannot change the hashing algorithm or iteration count without also having to update your clients.
For JavaScript clients that is not a problem, but you cannot easily guarantee that your users will be on the most recent version of your native client.
So I would stick with sending plain passwords over HTTPS.
In the early days of HTTP, there was Digest authorization as an alternative to Basic authorization. Instead of the HTTP header
Authorization: Basic <credentials>
you would use
Authorization: Digest <credentials>
It was an algorithm that increased security by avoiding the password being sent as cleartext. This was in the days when TLS/SSL came at a performance cost, so this was an alternative. However, the algorithm meant the password had to be stored as cleartext on the server. So you had a choice of sending the password cleartext but having a hash on the server, or sending the password as a hash but having cleartext on the server.
Unsurprisingly, as martinstoeckli said in his answer, now that TLS/SSL is widespread and easy to implement, HTTPS is used instead. You can store the password as a hash on the server but not expose the plaintext password if it is intercepted by a MITM attacker.
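Added example, not code from any of the answers above: it demonstrates the first answer's point that the server must hash whatever the client sends even when the client pre-hashes (otherwise a leaked database row is a login-equivalent credential), and the second answer's point that changing the client-side iteration count invalidates existing records. It stands in for the PHP/PHPass server with Python's standard-library PBKDF2; the parameter scheme, function names and sample credentials are constructed for illustration.

```python
"""Client pre-hash plus mandatory server-side hash (constructed example)."""
import hashlib
import hmac
import os

# Parameters a client would be built with (hypothetical scheme). If the server
# ever raises them, every old client computes a different pre-hash.
CLIENT_PARAMS = {"alg": "pbkdf2-sha256", "iterations": 100_000}
SERVER_ITERATIONS = 50_000  # the server's own, independent work factor


def client_prehash(password: str, username: str, params: dict) -> bytes:
    """Runs on the device: the app sends this 32-byte value, not the password.
    The salt is derived from the username so no extra round trip is needed."""
    salt = hashlib.sha256(b"prehash-salt:" + username.encode()).digest()
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, params["iterations"])


def server_store(received: bytes) -> dict:
    """Server side: never store the received value itself; hash it again with a
    fresh random salt so the stored record is not a replayable credential."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", received, salt, SERVER_ITERATIONS)
    return {"salt": salt.hex(), "hash": digest.hex(), "iterations": SERVER_ITERATIONS}


def server_verify(received: bytes, record: dict) -> bool:
    """Recompute the server-side hash and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", received, bytes.fromhex(record["salt"]),
                                 record["iterations"])
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


def login(password: str, username: str, record: dict, params: dict = CLIENT_PARAMS) -> bool:
    """Full flow: client pre-hashes, server verifies against its stored record."""
    return server_verify(client_prehash(password, username, params), record)


def demo() -> tuple:
    user, pw = "alice", "correct horse battery staple"  # constructed sample
    record = server_store(client_prehash(pw, user, CLIENT_PARAMS))
    ok = login(pw, user, record)
    wrong = login("wrong password", user, record)
    # A stolen record cannot be replayed as the login value: the server hashes
    # what it receives, so the stored hash is not what a client sends.
    replay = server_verify(bytes.fromhex(record["hash"]), record)
    # A client rebuilt with a higher iteration count no longer matches the
    # record created under the old parameters (the second answer's caveat).
    stale = login(pw, user, record, {"alg": "pbkdf2-sha256", "iterations": 200_000})
    return ok, wrong, replay, stale
```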