With the unreliability of Bcrypt and PBKDF2, Argon2id (with hard memory function) was created to tackle trade-off attacks and side-channel attacks. However, Argon2i PHP code is in this thread, mainly used for password hashing and password-based key derivation, as it uses data-independent memory access.
Argon2 with the use of predefined memory size, CPU time, and a degree of parallelism, protects against brute-force attack and GPU attacks.
Note: Argon2i and Argon2d have different functions, the last named is mainly for cryptocurrency-related projects and back-end servers that don't require side-channel timing attacks. While Argon2id is a combination of both, people who know what they need can go for one with the feature they want.
Argon2 Features
Performance: Argon2 rapidly occupies Memory, thereby, souring the area multiplier in the time area for ASIC equipped adversaries. Though Argon2i data independent version durably fills the memory spending within 2 CPU cycles per bytes, Argon2d is three times as fast.
Trade off Resilience: Regardless of fast performance, Argon2 is designed to deliver a suitable level of Trade of Resilience.
Scalability: Argon2 possesses scalability both in time and memory dimensions.
Parallelism: Argon2 may utilize up to 2^22 threads in parallel.
GPU/ FPGA/ ASIC Unfriendly: Argon2 is specially optimized for *86 architecture to enable cheaper or faster implementation on dedicated cracking hardware.
Additional Input Support: Argon2 is Additional input compatible, which is syntactically set apart from the message and nonce like, environmental parameter, secret key, user data etc.
Running OF ARGON2i in PHP.
Code:
The implemented algorithm in PHP is Argon2i (v1.3), and it can be provided via the $algo parameter to the password_hash() function. The signature of password_hash() is as follows:
password_hash( string $password , integer $algo [, array $options ]) : string
The second parameter ($algo) specifies the algorithm to use when hashing; the Argon2i algorithm is represented by the constant PASSWORD_ARGON2I.
As an example:
$password = 'test';
$hash = password_hash($password, PASSWORD_ARGON2I);
var_dump($hash);
The $hash result will contains a string of 98 characters as follows:
$argon2i$v=19$m=1024,t=2,p=2$TmxLemFoVnZFaEJuT1NyYg$4j2ZFDn1fVS70ZExmlJ33rXOinafcBXrp6A6grHEPkI
This string contains sub-string of parts, separated by dollar ($). These parts are:
argon2i
v=19
m=1024,t=2,p=2
TmxLemFoVnZFaEJuT1NyYg
4j2ZFDn1fVS70ZExmlJ33rXOinafcBXrp6A6grHEPkI
The first part is the algorithm name (argon2i), the second is the Argon2i version, and the third part is a list of algorithm parameters related to memory cost (in Kb), time cost, and threads to be used (parallelism).
The fourth parameter is the random salt value, encoded in Base64. This value is generated by password_hash() using a random value for each execution. This is why we have different hash outputs for the same input string. The default size of the salt is 16 bytes.
The fifth and last parameter of the string contains the hash value, encoded in Base64. The hash size is 32 bytes.
PHP provides a function named password_get_info($hash) to get information about the hash generated by password_hash(). For instance, if you use password_get_info() on the previous value, you will receive:
array(3) {
["algo"]=>
int(2)
["algoName"]=>
string(7) "argon2i"
["options"]=>
array(3) {
["memory_cost"]=>
int(1024)
["time_cost"]=>
int(2)
["threads"]=>
int(2)
}
}
The default parameters for the algorithm are a memory_cost of 1024 Kb (1 Mb), a time_cost of 2, and two threads to be used for parallelism. The Argon2 specifications suggest to use a power of 2 value for the memory_cost.
These values can be changed using the $options parameter of the password_hash() function. As an example:
$password = 'test';
$options = [
'memory_cost' => 1<<17, // 128 Mb
'time_cost' => 4,
'threads' => 3,
];
$hash = password_hash($password, PASSWORD_ARGON2I, $options);
var_dump($hash);
PHP will generate an E_WARNING for values that cannot be used as options for the PASSWORD_ARGON2I algorithm.
password_hash( string $password , integer $algo [, array $options ]) : string
The second parameter ($algo) specifies the algorithm to use when hashing; the Argon2i algorithm is represented by the constant PASSWORD_ARGON2I.
As an example:
$password = 'test';
$hash = password_hash($password, PASSWORD_ARGON2I);
var_dump($hash);
The $hash result will contains a string of 98 characters as follows:
$argon2i$v=19$m=1024,t=2,p=2$TmxLemFoVnZFaEJuT1NyYg$4j2ZFDn1fVS70ZExmlJ33rXOinafcBXrp6A6grHEPkI
This string contains sub-string of parts, separated by dollar ($). These parts are:
argon2i
v=19
m=1024,t=2,p=2
TmxLemFoVnZFaEJuT1NyYg
4j2ZFDn1fVS70ZExmlJ33rXOinafcBXrp6A6grHEPkI
The first part is the algorithm name (argon2i), the second is the Argon2i version, and the third part is a list of algorithm parameters related to memory cost (in Kb), time cost, and threads to be used (parallelism).
The fourth parameter is the random salt value, encoded in Base64. This value is generated by password_hash() using a random value for each execution. This is why we have different hash outputs for the same input string. The default size of the salt is 16 bytes.
The fifth and last parameter of the string contains the hash value, encoded in Base64. The hash size is 32 bytes.
PHP provides a function named password_get_info($hash) to get information about the hash generated by password_hash(). For instance, if you use password_get_info() on the previous value, you will receive:
array(3) {
["algo"]=>
int(2)
["algoName"]=>
string(7) "argon2i"
["options"]=>
array(3) {
["memory_cost"]=>
int(1024)
["time_cost"]=>
int(2)
["threads"]=>
int(2)
}
}
The default parameters for the algorithm are a memory_cost of 1024 Kb (1 Mb), a time_cost of 2, and two threads to be used for parallelism. The Argon2 specifications suggest to use a power of 2 value for the memory_cost.
These values can be changed using the $options parameter of the password_hash() function. As an example:
$password = 'test';
$options = [
'memory_cost' => 1<<17, // 128 Mb
'time_cost' => 4,
'threads' => 3,
];
$hash = password_hash($password, PASSWORD_ARGON2I, $options);
var_dump($hash);
PHP will generate an E_WARNING for values that cannot be used as options for the PASSWORD_ARGON2I algorithm.
With the usage of Argon2 attackers won't be able to access users passwords after penetrating a given site.
https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf
https://medium.com/analytics-vidhya/password-hashing-pbkdf2-scrypt-bcrypt-and-argon2-e25aaf41598e
https://framework.zend.com/blog/2017-08-17-php72-argon2-hash-password.html