1

Is it save to create a hash of user passwords with sha256_crypt.encrypt("secretUserPassword") and store it to a database without adding a slat to the hash?

If so, what protects the hashes against rainbow table attacks?

This is how I create a new user in my web application and store it to the database: 

admin = User()
admin.name = 'admin'
admin.password = sha256_crypt.encrypt("secretAdminPassword")
db.persist_user(admin)

This is how I check the credentials and login the user

username = request.form['username']
password = request.form['password']   
user = user_from_db(username)
if sha256_crypt.verify(password, user.password):
   login_user(user)
eztam
  • 3,443
  • 7
  • 36
  • 54
  • 2
    According to [the docs](https://pythonhosted.org/passlib/lib/passlib.hash.sha256_crypt.html), salts are added automatically. So I guess its fine. – Schore Apr 01 '16 at 11:45
  • 2
    As an aside, a salt does not add security as such. Its purpose is to prevent identical passwords from producing the same hash. It's hard to imagine a situation where this protection would not be useful, but in isolation, it does not improve the security of the SHA256 encryption at all. – tripleee Apr 01 '16 at 11:48
  • @tripleee - This is more a side effect of salting, not the main purpose. Unique salts for each password prevent building one single rainbow-table to get all passwords at once. Instead one has to build a rainbow-table for each password, what makes this method unpracticable. – martinstoeckli Apr 02 '16 at 14:14
  • @martinstoeckli I don't see how what you write is different from, let alone refutes what I wrote. – tripleee Apr 02 '16 at 15:45
  • 2
    @tripleee - The difference is indeed subtle, and i didn't mean you are wrong. There are actually two advantages. First it _is_ an advantage that equal passwords result in different hashes, so one cannot tell that two customers used the same password and with cracking one you don't know that the other is cracked too. That's how i understand your comment. The other thing is, that using a salt _does_ improve security (even if not unique), because you cannot use already existing rainbow tables (e.g. just asking google), you would have to build the rainbow-table for this salt in the first place. – martinstoeckli Apr 02 '16 at 16:05
  • Oh, I see your point now. As to which is the main effect and which is the side effect, maybe you are right, although historically, I believe salting to protect against cracking by local users predates the use of rainbow tables by a large margin. – tripleee Apr 02 '16 at 17:54

1 Answers1

1

The documentation states that the function sha256_crypt.encrypt("password") not only calculates a SHA-256 hash, it also...

  1. adds a salt automatically
  2. does many rounds of hashing

Both points are essential to get a safe password hashing function. Using it without a self made salt is preferred, because there are several pitfalls in creating a cryptographically safe salt, so best leave it to the library.

martinstoeckli
  • 23,430
  • 6
  • 56
  • 87