7

All the examples online show the use of crypt like this:

$pass = crypt('something','$6$rounds=5000$anexamplestringforsalt$');

But everyone says that you are not supposed to define the rounds or the salt.

So how should I use it?

Also I am having a problem: when I run the code above, it only runs 50 rounds instead of 5000 rounds as if the system is stopping it.

Any help will be greatly appreciated.

//- Solution -//

I have found some of these to be useful:

For generating Salt:

Here is a random way of generating salt

$randomString = random_bytes(32);

Base 64 encode to ensure that some characters will not cause problems for crypt

$salt = base64_encode($randomString);

For Hashing:

$hashed = crypt($passwordInput, '$6$'.$salt);

To Confirm:

if (crypt($passwordInput, $hashed) == $hashed) { 
  // Valid action
} else { 
  // Invalid action
}

** Special Thanks to @lathspell for help with arriving at above solution **

Georg Schölly
  • 124,188
  • 49
  • 220
  • 267
ShadowZzz
  • 415
  • 2
  • 5
  • 17
  • Out of interest: how are you determining how many rounds it actually does? – deceze Aug 19 '13 at 05:29
  • 1
    Because the output shows: $6$rounds=50$ob0t0FFYzA4Az0FlWjjOaXzflUuCfQn8qKrA75JRgoiElmy35zLVF7u4558SxPXoNWSaUmLDKxPYDtpvuWIWs1 – ShadowZzz Aug 19 '13 at 05:33
  • Possibly a bug in some older versions? → http://3v4l.org/BplEG Actually, according to the manual SHA-512 did not exist until 5.3.2...!? – deceze Aug 19 '13 at 05:40
  • Ok @deceze 's suggestion that it may be a bug is correct, I checked my CP and turned out it jumped back to PHP 5.2. I'll have to figure out why later. Also, Is there an answer for the Main question? about how it should be displayed. – ShadowZzz Aug 19 '13 at 15:25
  • I removed the code to generate a password with `str_shuffle` because it has max 32 bits of entropy and likely less (because `str_shuffle` is not cryptagraphically secure) – Georg Schölly Oct 15 '20 at 14:17

3 Answers3

5

The main reason to run the algorithm for a certain amount of rounds is simply to slow it down to make brute forcing attacks uninteresting. For that 5000 iterations are enough even for modern hardware. You could as well use 100000 but then your server admin would probably want to have a word with you :-) rounds=5000 is the default for SHA-512. The minimum is 1000 and the maximum very high.

lathspell
  • 3,040
  • 1
  • 30
  • 49
  • So how would I write the php code for the generally accepted SHA-512 Crypt Algo? – ShadowZzz Aug 21 '13 at 21:39
  • 2
    for encryption: $salt = substr(str_shuffle("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"), 0, 8); $hashed = crypt($passwordInput, '$6$'.$salt); to verify: if (crypt($passwordInput, $hashed) == $hashed) { echo "valid"; } else { echo "invalid"; } – lathspell Aug 22 '13 at 15:43
  • Ok Thank You! I will make a post with what I will use. – ShadowZzz Aug 22 '13 at 18:13
  • 1
    You could throw in a str_repeat() before the str_shuffle() – Darsstar Aug 30 '13 at 19:24
  • 2
    To not be vulnerable to timing attacks one should use the `hash_equals` function instead of `==`. – MaPePeR Nov 26 '18 at 14:31
5

Use OpenSSL for salt generation, it's even more random. And maybe 20000 rounds to future proof your code a bit.

function cryptPassword($password, $salt = "", $rounds = 20000)
{
    if ($salt == "")
    {
        // Generate random salt
        $salt = substr(bin2hex(openssl_random_pseudo_bytes(16)),0,16);
    }
    // $6$ specifies SHA512
    $hash = crypt($password, sprintf('$6$rounds=%d$%s$', $rounds, $salt));

    return $hash;
}
Jens Lorentsson
  • 89
  • 1
  • 3
1

hash could be an option. You can use hash('sha512', $stringInput);

r.cartojano
  • 11
  • 2