
How to securely transfer and store user passwords

2025-03-07 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/03 Report--

This article explains how to securely transmit and store user passwords. The methods introduced here are simple, fast and practical. Let's walk through them.

1. How to securely transfer a user's password

To keep a user's password from travelling over the network in plaintext, the obvious choice is the HTTPS protocol. Let's review the relevant background on HTTPS first.

1.1 https protocol

"three major risks of http"

Why use the HTTPS protocol? Is HTTP "not good enough"? The reason is that HTTP transmits messages in plaintext. If you use HTTP across the open Internet, there are three major risks:

Eavesdropping / sniffing risk: third parties can intercept communication data.

Data tampering risk: after a third party obtains the communication data, it can maliciously modify it.

Identity forgery risk: a third party can take part in the communication by impersonating someone else.

That is acceptable for unimportant information, but a serious problem for sensitive information such as user passwords. Therefore, it is generally necessary to use the "https protocol" to transmit user password information.

"https principle"

What is the principle of https? Why can it solve the three major risks of http?

HTTPS = HTTP + SSL/TLS. SSL/TLS is a transport-layer encryption protocol that provides content encryption, identity authentication and data integrity checking, which addresses the security problems of data transmission.

To deepen our understanding of how HTTPS works, let's review the flow of a complete HTTPS request.

The client initiates an HTTPS request.

The server must have a set of digital certificates, which it can either generate itself or obtain from a certificate authority. This set of certificates is essentially a pair of public and private keys.

The server sends its digital certificate (containing the public key, the issuing authority, etc.) to the client.

After receiving the server's digital certificate, the client verifies it, mainly checking whether the public key is valid: the issuing authority, the expiration time, and so on. If verification fails, a warning box pops up. If the certificate is fine, the client generates a key (the key for the symmetric encryption algorithm, which is actually a random value) and encrypts that random value with the certificate's public key.

The client makes a second request within the HTTPS flow, sending the encrypted client key (the random value) to the server.

After receiving the key from the client, the server decrypts it asymmetrically with its own private key to obtain the client key, and then uses the client key to symmetrically encrypt the data it returns, so that the data becomes ciphertext.

The server returns the encrypted ciphertext to the client.

The client receives the ciphertext sent back by the server and decrypts it symmetrically with its own key (the client key) to get the data returned by the server.

"https must be safe?"

During HTTPS transmission all of the data is ciphertext, so is transmitting password information over HTTPS guaranteed to be secure? In fact, not necessarily.

For example, HTTPS depends entirely on certificate trust. If a man-in-the-middle presents a forged certificate and the client accepts it, security is lost immediately. Phishing sites and other disreputable websites are often an attempt to induce users to install an attacker's forged certificate! With a forged certificate, HTTPS traffic can also be intercepted.

1.2 symmetric encryption algorithm

Since transmitting the user's password over HTTPS is still "not necessarily secure", let's encrypt the password before transmitting it.

Encryption algorithms fall into two categories: symmetric encryption and asymmetric encryption. Which type of encryption algorithm is "reliable"?

Symmetric encryption: an encryption algorithm that uses the same key for encryption and decryption.

The commonly used symmetric encryption algorithms are as follows:

If you use a symmetric encryption algorithm, you need to consider "how to give the key to the other party". If the key is sent to the other party over the network and a man-in-the-middle obtains it in transit, that is also risky.

1.3 asymmetric encryption algorithm

What about asymmetric encryption?

Asymmetric encryption: an asymmetric encryption algorithm requires two keys (a public key and a private key). The public key and the private key exist as a pair. If data is encrypted with the public key, only the corresponding private key can decrypt it.

The commonly used asymmetric encryption algorithms are as follows:

If you use an asymmetric encryption algorithm, you also need to consider "how to give the public key to the other party". What is the problem if the public key is sent to the other party over the network and a man-in-the-middle obtains it in transit? "Can they forge the public key, give the forged public key to the client, and then use their own private key to decrypt the data that arrives encrypted with that public key?" This question is worth thinking about.

Let's log in to Baidu, capture the API requests, and see how a large company handles encryption. There is an API for obtaining the public key, as follows:

Looking at the login request, it turns out to use the RSA algorithm, and RSA is an "asymmetric encryption algorithm". In fact, Baidu's front end uses the JavaScript library "jsencrypt", which has many stars on GitHub.

Therefore, we can use "https + asymmetric encryption algorithm (such as RSA)" to transmit the user's password.
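The key exchange described in section 1.1 and the public-key encryption from section 1.3, modeled with the JDK's own crypto classes. This is an added example, not code from the original article and not a TLS implementation; the class name, the OAEP and AES-GCM modes and the sample message are assumptions chosen for the demo.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class KeyTransportDemo {
    // Assumed modes for this demo: RSA with OAEP padding, AES in GCM mode.
    static final String RSA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final String AES = "AES/GCM/NoPadding";

    public static void main(String[] args) throws Exception {
        // Server: key pair whose public half would be carried in the certificate.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair server = kpg.generateKeyPair();

        // Client: random symmetric key, encrypted with the server's public key.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey clientKey = kg.generateKey();
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.ENCRYPT_MODE, server.getPublic());
        byte[] wrappedKey = rsa.doFinal(clientKey.getEncoded());

        // Server: recovers the client key with its private key.
        rsa.init(Cipher.DECRYPT_MODE, server.getPrivate());
        SecretKey serverCopy = new SecretKeySpec(rsa.doFinal(wrappedKey), "AES");

        // Server -> client: response encrypted under the shared key, fresh nonce per message.
        byte[] nonce = new byte[12];
        new SecureRandom().nextBytes(nonce);
        Cipher aes = Cipher.getInstance(AES);
        aes.init(Cipher.ENCRYPT_MODE, serverCopy, new GCMParameterSpec(128, nonce));
        byte[] ciphertext = aes.doFinal("login ok".getBytes(StandardCharsets.UTF_8)); // constructed message

        // Client: decrypts with its own copy of the key; GCM also rejects modified ciphertext.
        aes.init(Cipher.DECRYPT_MODE, clientKey, new GCMParameterSpec(128, nonce));
        System.out.println(new String(aes.doFinal(ciphertext), StandardCharsets.UTF_8));
    }
}
```

Only the holder of the private key can recover `wrappedKey`, which is why the client must be sure the public key it used really belongs to the server.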

2. How to store your password securely?

Assuming that the password has safely reached the server, how should the user's password be stored? Never store passwords in clear text in the database! You can use a hash digest algorithm to hash the password and save the result to the database.

Hash digest algorithm: a hash value can be generated from the plaintext, but the plaintext cannot be derived back from the hash value.

2.1 MD5 digest algorithm protects your password

MD5 is a very classical hash digest algorithm, which is widely used in data integrity check, data (message) digest, data encryption and so on. But it is not secure to use MD5 alone to digest passwords. Let's look at an example, as follows:

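    import org.apache.commons.codec.digest.DigestUtils;

    public class MD5Test {
        public static void main(String[] args) {
            String password = "abc123456";
            // Unsalted MD5: the same password always yields the same digest
            System.out.println(DigestUtils.md5Hex(password));
        }
    }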

Running result:

0659c7992e268962384eb17fafe88364

Enter this value into a free MD5 cracking website and the original password appears right away.

Imagine that a hacker builds a very large database, calculates the MD5 hash value of every password made up of digits and letters up to 20 characters long, and stores the passwords and their corresponding hash values in it (this is the "rainbow table"). To crack a password, they only need to look it up in the rainbow table. Therefore, storing only the MD5 hash value of the password is no longer safe.

2.2 MD5 + salt digest algorithm protects users' passwords

So why not try MD5 + salt? What is "adding salt"?

In cryptography, it means inserting a specific string at a fixed position in the password so that the resulting hash does not match the hash of the original password. This process is called "adding salt".

The user's password plus the salt is hashed, and the result is saved to the database. This effectively defeats rainbow-table cracking. However, when adding salt, you need to pay attention to a few points:

The salt must not be hard-coded, and it needs to have a certain length (if the salt is too simple, hackers may register several accounts to deduce it).

Each password has its own salt, and the salt should be fairly long, for example more than 20 characters (if the salt is too short and the original password is also short, it is easy to crack).

The salt should preferably be random and globally unique, which means no ready-made rainbow table can exist for it.

2.3 Bcrypt, a sharp tool for improving the security of password storage

Even with salt, the password can still be brute-forced. Therefore, we can adopt a deliberately "slower" algorithm so that hackers have to pay more to crack passwords, or even give up. This is where Bcrypt, a sharp tool for improving the security of password storage, comes in.

In fact, Spring Security has abandoned MessageDigestPasswordEncoder and recommends using BCryptPasswordEncoder, that is, BCrypt, for password hashing. BCrypt is an algorithm designed from the start for storing passwords, and it is much slower than MD5.

Take a look at an example and compare it:

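    import org.apache.commons.codec.digest.DigestUtils;
    // BCrypt from Spring Security (assumed; the article does not show its imports)
    import org.springframework.security.crypto.bcrypt.BCrypt;

    public class BCryptTest {
        public static void main(String[] args) {
            String password = "123456";

            // Time one MD5 digest
            long md5Begin = System.currentTimeMillis();
            DigestUtils.md5Hex(password);
            long md5End = System.currentTimeMillis();
            System.out.println("md5 time:" + (md5End - md5Begin));

            // Time one BCrypt hash with a log-rounds value of 10
            long bcrytBegin = System.currentTimeMillis();
            BCrypt.hashpw(password, BCrypt.gensalt(10));
            long bcrytEnd = System.currentTimeMillis();
            System.out.println("bcrypt Time:" + (bcrytEnd - bcrytBegin));
        }
    }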

Running result:

md5 time:47

bcrypt Time:1597

A rough comparison shows that BCrypt is dozens of times slower than MD5, so brute-forcing it costs a hacker dozens of times more. Therefore, in general, it is recommended to use Bcrypt to store the user's password.
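Sections 2.2 and 2.3 in one runnable class: a per-password random salt stored beside the digest, then BCrypt, which generates its own salt and records the cost inside the hash string. This is an added example, not code from the original article; the class and method names and the target cost of 12 are assumptions, and BCrypt is taken from Spring Security.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.security.crypto.bcrypt.BCrypt;

public class PasswordStorageDemo {
    private static final SecureRandom RNG = new SecureRandom();
    private static final int TARGET_COST = 12; // assumed policy value for this demo

    // Section 2.2: a fresh random salt per password, stored beside the digest.
    static String newSalt() {
        byte[] salt = new byte[16]; // 32 hex characters
        RNG.nextBytes(salt);
        return Hex.encodeHexString(salt);
    }

    static String saltedMd5(String salt, String password) {
        return DigestUtils.md5Hex(salt + password);
    }

    static boolean verifySaltedMd5(String salt, String stored, String candidate) {
        // Compare digests in constant time.
        return MessageDigest.isEqual(stored.getBytes(StandardCharsets.US_ASCII),
                saltedMd5(salt, candidate).getBytes(StandardCharsets.US_ASCII));
    }

    // Section 2.3: BCrypt keeps the cost inside the hash string ("$2a$10$...").
    static int costOf(String bcryptHash) {
        return Integer.parseInt(bcryptHash.split("\\$")[2]);
    }

    public static void main(String[] args) {
        String password = "abc123456"; // sample password from the article
        String saltA = newSalt(), saltB = newSalt();
        String hashA = saltedMd5(saltA, password), hashB = saltedMd5(saltB, password);
        System.out.println("same password, same digest: " + hashA.equals(hashB));
        System.out.println("salted verify: " + verifySaltedMd5(saltA, hashA, password));

        String stored = BCrypt.hashpw(password, BCrypt.gensalt(10));
        System.out.println("bcrypt verify: " + BCrypt.checkpw(password, stored));
        System.out.println("wrong password: " + BCrypt.checkpw("abc123457", stored));
        if (costOf(stored) < TARGET_COST) {
            // After a successful login the plaintext is at hand: re-hash at the new cost.
            stored = BCrypt.hashpw(password, BCrypt.gensalt(TARGET_COST));
        }
        System.out.println("cost now: " + costOf(stored));
    }
}
```

Running it needs commons-codec and spring-security-crypto on the classpath.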
