Topic: SMF modification needed -- upgrade password hash security -- 40 BTC (Read 12636 times)
Fantastic job on this, both of you!
July 10, 2012, 07:53:27 PM
This probably doesn't even need to be said, but theymos paid on time and in full. Not to mention it was a pleasure to work with him on this little project. I'm happy, and I am standing by in case there are any unforeseen issues.
Thank you for your nice work on this.
July 10, 2012, 07:42:39 PM
This probably doesn't even need to be said, but theymos paid on time and in full. Not to mention it was a pleasure to work with him on this little project. I'm happy, and I am standing by in case there are any unforeseen issues.
June 17, 2012, 11:10:40 PM
I've offered the job to error.
Thanks to all applicants for your interest!
Thanks to all applicants for your interest!
June 16, 2012, 10:09:26 AM
Just saw this post. I've taken a quick look and I believe I can do this as an SMF mod. Among my other qualifications I help run another SMF forum you may have heard of.
June 12, 2012, 10:37:09 PM
I'm willing to do this.
June 12, 2012, 08:02:32 PM
has the candidate for this been chosen yet theymos?
No.
Do you want a direct file edit or a modification format that the package manager can use? I'm comfortable with both; however, the latter could be a no-go for you for obvious security reasons.
Either is fine. I was thinking a non-modification patch, since that seems much easier to write.
June 12, 2012, 07:33:40 PM
has the candidate for this been chosen yet theymos?
June 12, 2012, 03:51:36 PM
Do you want a direct file edit or a modification format that the package manager can use? I'm comfortable with both; however, the latter could be a no-go for you for obvious security reasons.
June 07, 2012, 07:08:47 PM
It's considered best practice to use CSPRNGs for any cryptography, including salts. Predictable salts may offer protection against rainbow tables.. Maybe it protects against "theoretical attacks"?
Take a look at this page:
http://books.google.com/books?id=QJNoykS0Tv4C&lpg=PT199&ots=JN9mj5AsnT&dq=salt+csprng&pg=PT199&redir_esc=y#v=onepage&q&f=false
It turns out that urandom is also cryptographically secure.
The php function, mt_rand(), for example, is not.
Take a look at this page:
http://books.google.com/books?id=QJNoykS0Tv4C&lpg=PT199&ots=JN9mj5AsnT&dq=salt+csprng&pg=PT199&redir_esc=y#v=onepage&q&f=false
It turns out that urandom is also cryptographically secure.
The php function, mt_rand(), for example, is not. June 07, 2012, 03:24:42 PM
If you're creating salts, you may want to use a CSPRNG. So, you want /dev/random instead of urandom.
/dev/urandom is more than sufficient. It's not very important for the salt to be unpredictable.
June 07, 2012, 03:01:45 PM
If you're creating salts, you may want to use a CSPRNG. So, you want /dev/random instead of urandom.
June 07, 2012, 06:42:34 AM
I have some experience with SMF v1.1 mods, and I run a Bitcoin exchange (built with PHP) which already uses proper password security. So I can provide the extension you need.
June 03, 2012, 01:01:26 AM
The forum will pay 40 BTC for a patch to SMF version 1.1.16 upgrading password hash security.
You should use these PHP functions I've written for doing the actual hashing:
You need to do this:
- In LogInOut.php, upgrade SMF SHA-1 hashes to these new hashes automatically. Also, update any passwords that pass password_is_valid() but have a different CRYPT_PARAMS prefix than is being used currently.
- Change all old password comparisons to the new method.
- Wherever passwords are updated, use newpass() instead of SMF's method.
- Thoroughly test all aspects of this modification. I am mostly paying someone to do this change instead of doing it myself because bugs in this would create a huge mess and I therefore want someone more experienced in software testing to do it.
Hint: SMF has a "salt" column in the database and a "passwordSalt" variable, but these aren't actually used for password hashing. You only need to deal with the "passwd" column/variable.
PM me or post here if you're interested. I will pick the best candidate in a week or two. You should only apply if you're already pretty well-trusted in the community.
(Do not post in this thread about how you prefer another hashing method.)
You should use these PHP functions I've written for doing the actual hashing:
Code:
//salted SHA-256 with 7500 rounds
define('CRYPT_PARAMS', '$5$rounds=7500$');
//get $bytes bytes of secure random binary data
function urandom($bytes)
{
$file = fopen('/dev/urandom', 'rb');
$result = fread($file, $bytes);
fclose($file);
if(strlen($result) < $bytes)
die('urandom byte length mismatch');
return $result;
}
//hash and salt a new password for insertion into the database
function newpass($pass)
{
return crypt($pass, CRYPT_PARAMS . base64_encode(urandom(12)) . '$');
}
//compare a provided password with the hash in the database
function password_is_valid($entered_password, $db_hash)
{
return crypt($entered_password, $db_hash) === $db_hash;
}
//old password comparison:
//sha1(strtolower($user) . $entered_password) == $db_hash
//new password comparison:
//password_is_valid($entered_password, $db_hash)
You need to do this:
- In LogInOut.php, upgrade SMF SHA-1 hashes to these new hashes automatically. Also, update any passwords that pass password_is_valid() but have a different CRYPT_PARAMS prefix than is being used currently.
- Change all old password comparisons to the new method.
- Wherever passwords are updated, use newpass() instead of SMF's method.
- Thoroughly test all aspects of this modification. I am mostly paying someone to do this change instead of doing it myself because bugs in this would create a huge mess and I therefore want someone more experienced in software testing to do it.
Hint: SMF has a "salt" column in the database and a "passwordSalt" variable, but these aren't actually used for password hashing. You only need to deal with the "passwd" column/variable.
PM me or post here if you're interested. I will pick the best candidate in a week or two. You should only apply if you're already pretty well-trusted in the community.
(Do not post in this thread about how you prefer another hashing method.)
Jump to: