Better hashing than SHA1

I'm working on an application and I need to store the user's password, so I'm thinking I'll store it in the current-user class of the registry, but I also want to hash it for the obvious reason. I've seen news items that state that SHA1 has been cracked; is there a better (uncracked) hashing algorithm available in the "standard" system or .NET?

-------------Problems Reply------------

SHA1 is not encryption, it's a cryptographic hash function. And yes it has been broken, which means it's possible to generate collisions faster than a brute force method. The SHA2 family has not been broken.

But I would advise to use a custom seed per entry so that a rainbow table could not be used for trying out passwords. If you're using the SQL Membership provider the password format "Hashed" already uses a different seed for each user.

More information about seeding your hash can be found in the article What You Need To Know About Secure Password Schemes by Thomas Ptacek.

As you say in your comment, SHA1 is a hash algorithm, not encryption. It is a one-way function that, even if it is broken, does not allow the password to be retrieved.

If you want stronger hash functions that are already in .NET, look at the SHA2 family - SHA256, SHA384, SHA512. (SHA224 also exists, but isn't implemented in the System.Security.Cryptography namespace.)

The collision attacks on SHA1 are not practically exploitable yet, but you are right to be looking ahead. NIST is currently running a selection process for SHA3 in the light of these attacks, but this is a few years from completion and commercial acceptance. SHA2 on the other hand is an existing family of algorithms that are standardised by NIST and are not subject to the attacks that have been successful against MD5 and SHA1.

What you need to do is salt your passwords. Here is some actual sample code in C# that uses SHA1 and salting.

The problem with SHA1 "being cracked" is that all basic possible combinations have been pre-calculated; however, salting makes your password nonbasic (it is still vulnerable to a brute force if it is weak or easily guessable, but it kills rainbow tables).

Hash algorithms have been showing some signs of weakness as of late, which is why NIST has offered up a hashing contest much like they had an encryption contest which crowned Rijndael as the new AES.

I personally like what MD6 has to offer, as it is being spearheaded by Ron Rivest, who has been in the cryptography space for over three decades. MD6 has been withdrawn, so I suggest some of the stronger candidates in Round 2 in my humble opinion are Keccak, Blue Midnight Wish, and Fugue.

From there, definitely use good practices such as salting.

Yes you can use SHA512, just remember how long the actual hash is. You can always add extra security by salting the hash results as well.

SHA512("The quick brown fox jumps over the lazy dog") =
07e547d9 586f6a73 f73fbac0 435ed769 51218fb7 d0c8d788 a309d785 436bbb64
2e93a252 a954f239 12547d1e 8a3b5ed6 e1bfd709 7821233f a0538f3d b854fee6

If you want to look into other hashing algorithms, here's a short list.

5 days too late but you could try the highly secure encryption function

#include <stdint.h>
#include <unistd.h>

uint64_t highly_secure_encrypt(char* password) {
    sleep(1);
    return 0;
}

No way you're getting the passwords back from that.

Now, onto serious matters. If you don't already know the answer to your question you shouldn't be designing security systems.

If you're storing the password in the current-user section of the registry then the only people who can access it (under normal circumstances) are the user and the administrator. I'd trust (somewhat) the current-user section of the registry and use the standard password hashing mechanisms that the OS provides.

Here describes hashes and password storage at a good beginner detail, and here goes on to tell you why you should not try and do it yourself usually.

Choosing a good hash function is less than 1% of the battle. If an attacker can run your hash function millions of times a second then (s)he can test millions of combinations a second. What you need is a slow, tunable secure hash. That's not something that is easy to come by, and SHA*, MD5, etc. are designed to be bloody fast since they're meant to be used over files and chunks of files usually, where speed is king.

I'd recommend reading up more, since the answers are out there and very easy to find.
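The answers above call for a per-entry salt and a slow, tunable hash; one construction that ships in .NET and provides both is PBKDF2 (Rfc2898DeriveBytes). The following is an added example, not code from any of the posters. It assumes .NET 6 or later, and the PasswordRecord class, its iterations.salt.hash record layout and the iteration count are choices made for this example.

```csharp
// Added example: salted, tunable password hashing with PBKDF2-HMAC-SHA256 (.NET 6+).
using System;
using System.Security.Cryptography;

static class PasswordRecord
{
    const int SaltBytes = 16, HashBytes = 32;
    // Work factor (assumed starting value): raise it as far as your login path can afford.
    const int DefaultIterations = 600_000;

    // Record layout chosen for this example: iterations.salt.hash (Base64 fields).
    public static string Create(string password, int iterations = DefaultIterations)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltBytes); // fresh salt per entry
        byte[] hash = Rfc2898DeriveBytes.Pbkdf2(
            password, salt, iterations, HashAlgorithmName.SHA256, HashBytes);
        return $"{iterations}.{Convert.ToBase64String(salt)}.{Convert.ToBase64String(hash)}";
    }

    public static bool Verify(string password, string record)
    {
        string[] parts = record.Split('.');
        if (parts.Length != 3 || !int.TryParse(parts[0], out int iterations) || iterations < 1)
            return false; // malformed record
        byte[] salt, expected;
        try
        {
            salt = Convert.FromBase64String(parts[1]);
            expected = Convert.FromBase64String(parts[2]);
        }
        catch (FormatException) { return false; }
        if (salt.Length != SaltBytes || expected.Length != HashBytes) return false;
        byte[] actual = Rfc2898DeriveBytes.Pbkdf2(
            password, salt, iterations, HashAlgorithmName.SHA256, HashBytes);
        // Constant-time comparison: timing does not reveal how many bytes matched.
        return CryptographicOperations.FixedTimeEquals(actual, expected);
    }
}

static class Demo
{
    static void Main()
    {
        string a = PasswordRecord.Create("correct horse battery staple");
        string b = PasswordRecord.Create("correct horse battery staple");
        Console.WriteLine(a != b); // same password, different salts, different records
        Console.WriteLine(PasswordRecord.Verify("correct horse battery staple", a));
        Console.WriteLine(PasswordRecord.Verify("wrong guess", a));
    }
}
```

Because the iteration count is stored in each record, the work factor can be raised later and older records re-hashed at the user's next successful login.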

Category:c# Views:0 Time:2009-04-06
Tags: c# hash
