Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I am attempting to learn more about password hashing. I am pretty used to java and am trying to write my own hashing function for a password. I understand you should never implement your own password security this is purely an academic endeavor. I have made my own implementation of HashMap and other data structures. I would appreciate a description of how hashing works and code fragments if needed. I have searched for an answer but all I can find is how to use SHA 256 (or others ) to hash a password. I would like to make my own to learn more about the algorithms. Thank you for any and all help.
p.s.
To clarify, I know there are algorithms that you can import in java to hash password. I am looking for a description of how these functions work and how the are similar to a hashMap so I can attempt to replicate it.
This is a very broad question but hopefully a few high level details will help you.
Firstly though, as you said, you should not generally implement a secure hashing function yourself since it is very easy to make mistakes resulting in security vulnerabilities.
Cryptographic hashing, such as is provided in SHA-2 at various bit strengths, is a one way cryptographic process of converting your input bytes into an output of the specified length. Assuming correct algorithms, this output cannot be directly converted back to the input.
For discussions on the SHA-2 algorithm in specific you can start with the wikipedia page: https://en.wikipedia.org/wiki/SHA-2
For designing your own algorithm you would want to take into account the following considerations (as SHA-2 and other hashing algorithms do, excerpted from Wikipedia):
it is deterministic so the same message always results in the same hash
it is quick to compute the hash value for any given message
it is infeasible to generate a message from its hash value except by trying all possible messages
a small change to a message should change the hash value so extensively that the new hash value appears uncorrelated with the old hash value
it is infeasible to find two different messages with the same hash value
Further, for password hashing in particular:
Going against the "quick" consideration above, password hashing algorithms are generally chosen to be slower and more difficult to implement in hardware (e.g. scrypt) in order to reduce the ability to brute force a password when its hash and salt are known. Commonly this is done by doing some 1000+ rounds of SHA-2.
Lastly, outside of the hashing algorithm itself, it is important to make sure the password hashes are salted. Salt here refers to modifying the password (e.g. by prefixing it) before hashing with a randomly generated salt value that is also stored with the hash. This prevents an existing or single dictionary of password hashes from being used against all hashes in your database were it to be compromised (i.e. it forces an attacker to attack each hash individually).
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 3 years ago.
Improve this question
I am working on a java project that connects to a DB and i am thinking of a way to store an "admin password" in the database to grant the access to "admin methods" in my java program.
is creating a table just to store this password so that you can retrieve it and even changing it when you get it right in the program a sign of bad programming?
( ex: insert psw---->retrieve psw from database ----> if its the same you are switched to an admin list of actions, one of them is the changing of this psw)
If your question is really just, "is it a bad design practice to use a database (edit: or database table) to hold only one piece--or a few pieces--of data", I would say probably not. Databases are a place to hold data, and they very easily scale. You might at some point need to hold more data, and in the future a lot more data, and databases do that very efficiently.
Is it overkill for a single piece of data? Probably, but I doubt you'd end up just storing that one piece there. If it's just one user (you) you don't need a database, but rather secure credentials or an application that only you can access. But assuming it's not just for you, you'll probably find a lot of other things that are helpful to store there.
However, the question you didn't really ask but should be more interested in, is can you do this securely? The answer there is a lot more dubious. Even very well-designed, complex user access systems have vulnerabilities. It is difficult to account for all of the common vulnerabilities and design flaws. How will you handle password encryption? Brute force attack denial? Attacks that use the variance in the response time of your database to different passwords to hone in on the password?
I'm not a security expert, but I know enough to know that, and to leave security related systems to those who specialize in them. I suggest you do the same.
If you absolutely need to have a user-authentication process, use a system that already exists. It's not that hard, and a lot more secure, to tie into an authentication system. If you don't absolutely need to, and this is all just for you or one other user, just avoid the security problem and don't develop it as a public system that you log into over the application.
Edit: Rereading your question, you already have a database but are asking about an additional table in it. My answer holds -- it's not a bad practice, but storing of a password in it is still very risky if you don't know what you're doing.
I would say no.
When data doesn't fit into the other relational tables and you can't imagine to put the data in another Table, go for it.
You can always change the Structure and the programming that accesses the data, if in future the database structure has to change and you find the opportunity to save the data elsewhere
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I have a requirement to encrypt a string in java using AES algorithm and to decrypt the data in PHP. I have searched SO but I dint get any exact answer.
In some posts, they used Padding. And also they spoke about the key size.
But, I don't have any idea about the key size and what padding I should use.
So please help me by posting some sample code and explanations to understand better.
Thanks in advance!!
The key size is not important, any of the available sizes are secure.
AES is a block cipher, that means that input must be a multiple of the block size: 16-bytes. Unless the input is always a multiple of the block size padding will be required.
The standard padding for AES is PKCS#7 (sometimes stated PKCS#5). The problem is PHP and the usual mcrypt library used, it does not support PKCS#7 padding, only null padding and can not be used with binary data. The bozo maintainers refuse to add PKCS#7 padding. You will have to add your own PKCS#7 padding support if you use mcrypt, it is not hard, generally three lines of code.
But there are more issues. The encryption mode and CBC mode requires an iv which should be random data. Authentication to determine if the decrypted data is correct. The key should not be a string, if it is it should be used to derive a key with a function such as PBKDF2.
I suggest using RNCryptor which is available for Java, php and many other languages. It provided all the necessary elements to create secure encryption including: AES-256 encryption,CBC mode, password stretching with PBKDF2, password salting, random IV, encrypt-then-hash HMAC authentication, and versioning.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
I'm in school, and we've been learning about hashing. For open addressing, we've learned about the three probing methods: linear probing, quadratic probing, and double hashing.
On a similar question here, Jim Mischel answered:
"[...] You should also note that in practice, as long as the load factor is reasonable and you have a good hashing function, there is almost no real difference in the performance of these (linear, quadratic, double hashing) and other open addressing schemes like cuckoo hashing, etc".
As far as I know, Java's HashMap is implemented using separate chaining with a linked list. Is it common for people to write their own implementation using linear/quadratic probing, instead of using Java's default implementation? And considering what Jim said, wouldn't people still use double hashing over linear/quadratic probing if they want open addressing?
As far as I know, Java's HashMap is implemented using separate chaining with a linked list.
This is correct. However, Java has another hash map implementation * called IdentityHashMap<K,V>, which uses linear probing instead:
Implementation note: This is a simple linear-probe hash table, as described for example in texts by Sedgewick and Knuth. The array alternates holding keys and values. (This has better locality for large tables than does using separate arrays.) For many JRE implementations and operation mixes, this class will yield better performance than HashMap (which uses chaining rather than linear-probing).
I don't know of framework implementations of hash tables with quadratic probing. To me, the most obvious reason to go to quadratic probing in my own implementation would be avoiding "hash clusters" when hash buckets next to each other are filled with data, while other contiguous areas of the bucket array remain empty. Ultimately, though, this is a compensation for a less-than-ideal hash function on your original objects, because in theory the clustering shouldn't happen.
* Strictly speaking, IdentityHashMap is not a proper implementation of hash map, because it breaks the contract by using identity rather than equality comparison.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
I need to generate a 64 bit public-private key pair but can't find out any standard algorithm.
When you say public-private key pair, you imply that you are talking about asymmetric cryptography. Key sizes here are normally much much bigger than this - 512 bit or 1024 bit are common. If you are actually talking symmetric cryptography, then just randomly generate a 64 bit number (and, if you are using an algorithm like DES/3DES, check it against known weak keys for the algorithm).
Offhand, I can't think of a public-key cryptography algorithm that would be even somewhat secure with only a 64-bit key. RSA is by far the most common, but for it a 512 bit key is on the small side. Elliptical curve cryptography doesn't require as large of keys as most other public-key algorithms, but even so you typically need somewhere in the range of 150-200 bits.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions concerning problems with code you've written must describe the specific problem — and include valid code to reproduce it — in the question itself. See SSCCE.org for guidance.
Closed 9 years ago.
Improve this question
I want to find the RSA code in both Javascript and Java code. And they can return the same result in encrypt and decrypt.
My purpose is: I can encrypt a message in the user's browser using Javascript (with the public key). After I can decrypt that message in my server (with private key).
I found on internet but Javascript and Java return difference result: if I encrypt using Javascript, I cannot decrypt using Java.
This is not a good idea.
RSA public key encryption is suitable for encrypting a session key, not the entire message. It's too slow and it's susceptible to a man-in-the-middle attack when used directly.
Just use SSL and be done with it.
I am curious why the javascript and java had different results, as RSA isn't platform dependent, but, converting the key to a byte array can differ, so that could be your difficulty.
If you are encrypting a password then it may make sense to use RSA, as the number of bytes that can be encrypted/decrypted is related to the length of the key.
Where you found the source code for Java and Javascript would be useful to see, or at least to know how the keys were turned into byte arrays, and then the private or public keys were created from those.
Here is a simple RSA algorithm for Javascript (numbers only); you can easily convert it to Java by following the source code of the page:
http://www.alporal.com/rsa.htm