Topic: SMF modification needed -- upgrade password hash security -- 40 BTC (Read 12635 times)

legendary
Activity: 1204
Merit: 1015
Fantastic job on this, both of you!
administrator
Activity: 5222
Merit: 13032
This probably doesn't even need to be said, but theymos paid on time and in full. Not to mention it was a pleasure to work with him on this little project. I'm happy, and I am standing by in case there are any unforeseen issues.

Thank you for your nice work on this.
hero member
Activity: 588
Merit: 500
This probably doesn't even need to be said, but theymos paid on time and in full. Not to mention it was a pleasure to work with him on this little project. I'm happy, and I am standing by in case there are any unforeseen issues.
administrator
Activity: 5222
Merit: 13032
I've offered the job to error.

Thanks to all applicants for your interest!
hero member
Activity: 588
Merit: 500
Just saw this post. I've taken a quick look and I believe I can do this as an SMF mod. Among my other qualifications I help run another SMF forum you may have heard of.
hero member
Activity: 574
Merit: 500
I'm willing to do this.
administrator
Activity: 5222
Merit: 13032
Has the candidate for this been chosen yet, theymos?

No.

Do you want a direct file edit or a modification format that the package manager can use? I'm comfortable with both; however, the latter could be a no-go for you for obvious security reasons.

Either is fine. I was thinking a non-modification patch, since that seems much easier to write.
sr. member
Activity: 448
Merit: 250
Has the candidate for this been chosen yet, theymos?
hero member
Activity: 574
Merit: 500
Do you want a direct file edit or a modification format that the package manager can use? I'm comfortable with both; however, the latter could be a no-go for you for obvious security reasons.
member
Activity: 64
Merit: 10
It's considered best practice to use CSPRNGs for any cryptography, including salts. Predictable salts may offer protection against rainbow tables... Maybe it protects against "theoretical attacks"?

Take a look at this page:
http://books.google.com/books?id=QJNoykS0Tv4C&lpg=PT199&ots=JN9mj5AsnT&dq=salt+csprng&pg=PT199&redir_esc=y#v=onepage&q&f=false

It turns out that urandom is also cryptographically secure. The PHP function, mt_rand(), for example, is not.
administrator
Activity: 5222
Merit: 13032
If you're creating salts, you may want to use a CSPRNG.  So, you want /dev/random instead of urandom.

/dev/urandom is more than sufficient. It's not very important for the salt to be unpredictable.
member
Activity: 64
Merit: 10
If you're creating salts, you may want to use a CSPRNG.  So, you want /dev/random instead of urandom.
hero member
Activity: 607
Merit: 500
I have some experience with SMF v1.1 mods, and I run a Bitcoin exchange (built with PHP) which already uses proper password security. So I can provide the extension you need.
administrator
Activity: 5222
Merit: 13032
The forum will pay 40 BTC for a patch to SMF version 1.1.16 upgrading password hash security.

You should use these PHP functions I've written for doing the actual hashing:

Code:
//salted SHA-256 with 7500 rounds
define('CRYPT_PARAMS', '$5$rounds=7500$');

//get $bytes bytes of secure random binary data
function urandom($bytes)
{
    $file = fopen('/dev/urandom', 'rb');
    //fopen() returns false on failure; never continue without a random source
    if($file === false)
        die('cannot open /dev/urandom');
    $result = fread($file, $bytes);
    fclose($file);
    //fread() may return false or a short read; either way the salt is unusable
    if($result === false || strlen($result) < $bytes)
        die('urandom byte length mismatch');
    return $result;
}

//hash and salt a new password for insertion into the database
//12 random bytes base64-encode to a 16-character salt with no '=' padding
function newpass($pass)
{
    return crypt($pass, CRYPT_PARAMS . base64_encode(urandom(12)) . '$');
}

//compare a provided password with the hash in the database
//crypt() reads the algorithm, rounds and salt back out of $db_hash
function password_is_valid($entered_password, $db_hash)
{
    return crypt($entered_password, $db_hash) === $db_hash;
}

//old password comparison:
//sha1(strtolower($user) . $entered_password) == $db_hash
//new password comparison:
//password_is_valid($entered_password, $db_hash)

You need to do this:
- In LogInOut.php, upgrade SMF SHA-1 hashes to these new hashes automatically. Also, update any passwords that pass password_is_valid() but have a different CRYPT_PARAMS prefix than is being used currently.
- Change all old password comparisons to the new method.
- Wherever passwords are updated, use newpass() instead of SMF's method.
- Thoroughly test all aspects of this modification. I am mostly paying someone to do this change instead of doing it myself because bugs in this would create a huge mess and I therefore want someone more experienced in software testing to do it.

Hint: SMF has a "salt" column in the database and a "passwordSalt" variable, but these aren't actually used for password hashing. You only need to deal with the "passwd" column/variable.

PM me or post here if you're interested. I will pick the best candidate in a week or two. You should only apply if you're already pretty well-trusted in the community.

(Do not post in this thread about how you prefer another hashing method.)
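
The login-time upgrade described in the task list above, as an added example that is not part of the original post or of the patch that was delivered. check_and_upgrade() is a hypothetical name, random_bytes() and hash_equals() assume PHP 7 or later and stand in for the post's urandom() and `===`, and the sample rows are constructed.

```php
<?php
define('CRYPT_PARAMS', '$5$rounds=7500$');

// Same construction as the post's newpass(); random_bytes() is an assumed
// stand-in for the post's urandom() helper.
function newpass($pass)
{
    return crypt($pass, CRYPT_PARAMS . base64_encode(random_bytes(12)) . '$');
}

// Hypothetical helper. Returns array($ok, $replacement_hash); a non-null
// $replacement_hash means the caller must write it to the "passwd" column.
function check_and_upgrade($user, $entered_password, $db_hash)
{
    // Legacy SMF format per the post: sha1(strtolower($user) . $password),
    // stored as 40 hex characters.
    if (preg_match('/^[0-9a-f]{40}$/D', $db_hash)) {
        $legacy = sha1(strtolower($user) . $entered_password);
        if (!hash_equals($db_hash, $legacy)) {
            return array(false, null);
        }
        // Only now is the plaintext available, so rehash it immediately.
        return array(true, newpass($entered_password));
    }

    // New format: crypt() re-derives the hash from the parameters embedded in
    // $db_hash. On failure it returns a short token that never equals its input.
    if (!hash_equals($db_hash, crypt($entered_password, $db_hash))) {
        return array(false, null);
    }
    // Valid, but produced under a different CRYPT_PARAMS prefix: rehash.
    if (strncmp($db_hash, CRYPT_PARAMS, strlen(CRYPT_PARAMS)) !== 0) {
        return array(true, newpass($entered_password));
    }
    return array(true, null);
}

// Constructed sample rows covering the three stored-hash states.
$rows = array(
    'alice' => sha1('alice' . 'hunter2'),                            // legacy SHA-1
    'bob'   => crypt('hunter2', '$5$rounds=5000$constructedsalt$'),  // older params
    'carol' => newpass('hunter2'),                                   // current params
);
foreach ($rows as $user => $hash) {
    list($ok, $new) = check_and_upgrade($user, 'hunter2', $hash);
    echo $user, ': ', $ok ? 'valid' : 'invalid', ', ',
        $new === null ? 'no rewrite' : 'rewrite stored hash', "\n";
}
```

A wrong password returns array(false, null) in every branch, so a failed login never rewrites the stored hash.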