
How to encrypt data in database and reuse it to authenticate users

I'm developing an application with Spring MVC, and I want to add the security aspect to my authentication.

In my application, the login and the password are registered in the database, and anyone who has access to it can see the login and the password clearly.

I want to have data encrypted in the database so that I will be sure that no one can use or divulge them. I've searched on the net, but I found that there are some algorithms which may encrypt data, such as md5, but the problem is that it's irreversible.

Could somebody help me?

Why is it a problem that the encryption of passwords is irreversible?

When the user creates an account, salt and hash their password before saving. I prefer using bcrypt.

When the user logs in, you can use bcrypt's checkpw to compare the user's credentials to the hashed ones saved in the db. Having them irreversible (undecryptable) ensures that if someone gains access to your db, they don't get all of your users' passwords as well.

I haven't used BCrypt with Java before, but I just glanced over this tutorial and it seemed like it may be a good starting place for you.

Edit: Just realized he was using jBCrypt, but the differences in the two should be very minimal.

Edit2: Here is a pretty good article on cracking passwords that are found in the database and a reason I recommend bcrypt and why you should use one-way encryption.

I agree with Danny H, but wanted to address the other half of your question too: protecting the login (usually an email address). Most people ignore the need to protect it, but for websites that want to maintain secrecy of their customers (not just Ashley Madison but also medical websites), you'd want to add a layer of protection for the other data.

First, a reference on protecting the password: Secure Salted Password Hashing. Use either bcrypt, scrypt, PBKDF2, or argon2.

Now what about protecting the login? You can actually do a similar thing for protecting it, but you will need a fixed salt for it (for passwords, the salt must not be fixed!). Let's assume bcrypt is used for my example below.

Consider how the user would log in: User enters his login id and password. System applies bcrypt to login id with fixed salt to look up user in database. From that, system gets the user's password salt, and system computes bcrypt on user-provided password with salt to see if it matches hashed password in database. If so, user is granted access. Therefore, system granted access without storing the user's login id in plaintext form in the database.

What about user forgetting password? No problem if the login id is the email address: the user enters login (email address) on forgot password page, system applies bcrypt with fixed salt on user-entered email address to see if the user exists in database, and assuming yes, then emails the user a secret link for password reset. Within the database, we have to associate that secret link to this user to make sure he only resets his own password (not somebody else's!).

What if the database is exposed? Anybody could determine if a specific user is in the database by computing bcrypt on that user's email address and looking for a match in the database, but nobody is going to be able to reverse the entire collection of email addresses, which is a big improvement over the present situation.

I discussed this idea in a blog of mine more than 2 months ago, see: https://littlemaninmyhead.wordpress.com/2015/09/08/a-retrospective-on-ashely-madison-and-the-value-of-threat-modeling/
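The register and login flow described in the two answers above, as an added example that is not code from either answer. It swaps in the JDK's built-in PBKDF2 (one of the functions listed above) for bcrypt so it runs without extra libraries; the class name, the fixed salt value, the iteration count and the in-memory map standing in for the users table are all assumptions.

```java
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

public class HashedLoginStore {
    // Constructed fixed salt for login ids: identical for every row so the hash works as a lookup key.
    private static final byte[] LOGIN_SALT = "constructed-fixed-login-salt".getBytes(StandardCharsets.UTF_8);
    private static final int ITERATIONS = 210_000; // assumed work factor; tune for your hardware
    private final SecureRandom rng = new SecureRandom();
    // Stand-in for the users table: hashed login -> {password salt, password hash}
    private final Map<String, byte[][]> users = new HashMap<>();

    static byte[] pbkdf2(char[] input, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(input, salt, ITERATIONS, 256);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    static String loginKey(String login) throws GeneralSecurityException {
        String normalized = login.trim().toLowerCase(Locale.ROOT); // same email, same key
        return Base64.getEncoder().encodeToString(pbkdf2(normalized.toCharArray(), LOGIN_SALT));
    }

    void register(String login, char[] password) throws GeneralSecurityException {
        byte[] salt = new byte[16];
        rng.nextBytes(salt); // fresh random salt per password, never fixed
        users.put(loginKey(login), new byte[][] { salt, pbkdf2(password, salt) });
    }

    boolean authenticate(String login, char[] password) throws GeneralSecurityException {
        byte[][] row = users.get(loginKey(login)); // lookup by hashed login only
        if (row == null) return false;             // unknown login
        // Recompute with the stored salt and compare in constant time.
        return MessageDigest.isEqual(row[1], pbkdf2(password, row[0]));
    }

    public static void main(String[] args) throws GeneralSecurityException {
        HashedLoginStore store = new HashedLoginStore();
        store.register("Alice@example.com", "correct horse".toCharArray());
        System.out.println(store.authenticate("alice@example.com", "correct horse".toCharArray()));
        System.out.println(store.authenticate("alice@example.com", "wrong".toCharArray()));
        System.out.println(store.authenticate("bob@example.com", "correct horse".toCharArray()));
    }
}
```

The forgot-password lookup works the same way: compute `loginKey` on the submitted email address and check whether a row exists before sending the reset link.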

MD5 is a hash function which is not reversible - it is not an encryption function. Hashes give the same output for a given input every time, that's why they work. Hashing would work in the scenario you described because the users who could see the hashes wouldn't know the original password - that said, it still sounds like a bad idea.

Ideally you would hash the passwords, then encrypt the hash, and other users wouldn't be able to see these values encrypted or not. That would be my suggestion, but if you choose only to encrypt the passwords, RSA encryption would work just fine.
