A system I have been working on for a while requires DPA, and I asked a question about keeping the data passcodes safe. I have since then come up with an idea to fix that, which involves having the data decrypt password for the database stored on the database, but have that encrypted with a validated user's password (which is stored as an MD5 key) after a different type of hashing.

The question is: does encrypting the password multiple times with different keys (at least 20 characters long, with possible extension) make it considerably easier to decrypt without prior knowledge or information on the password?

topherg
  • I've given the direct answer to your question, but please note that without more information on your scheme, it is impossible to tell if your specific scheme is vulnerable or not. Keys should have bits, not characters, and should be using a secure cipher (e.g. AES) and possible integrity/authentication. Furthermore, the passwords should have minimum entropy and keys should be derived from them using a well known key derivation scheme (bcrypt, PBKDF2). – Maarten Bodewes Nov 26 '11 at 20:12
  • A response to the md5: check this http://www.akkadia.org/drepper/SHA-crypt.txt – david Nov 26 '11 at 20:25
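
The scheme from the question, built with the primitives named in the first comment (PBKDF2, AES, authentication), as an added example that is not part of the original thread. It assumes Node.js and its built-in `crypto` module; the function names, record fields, iteration count and passwords are constructed for illustration.

```javascript
// Added example (not from the thread). Names, record fields and the
// iteration count are assumptions; passwords below are constructed samples.
const crypto = require('node:crypto');

const ITERATIONS = 200000; // assumption: tune to your hardware

// Stretch the user's password into a 256-bit key-encryption key (KEK).
function deriveKek(password, salt, iterations) {
  return crypto.pbkdf2Sync(password, salt, iterations, 32, 'sha256');
}

// Encrypt (wrap) the database data key for one user. Each record gets its own
// salt and IV, so wrapping the same key for many users yields unrelated ciphertexts.
function wrapDataKey(dataKey, password, userId) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKek(password, salt, ITERATIONS), iv);
  cipher.setAAD(Buffer.from(userId, 'utf8')); // bind the record to its owner
  const wrapped = Buffer.concat([cipher.update(dataKey), cipher.final()]);
  return { userId, iterations: ITERATIONS, salt, iv, wrapped, tag: cipher.getAuthTag() };
}

// Returns the data key, or null if the password is wrong or the record was altered.
function unwrapDataKey(record, password) {
  const kek = deriveKek(password, record.salt, record.iterations);
  const decipher = crypto.createDecipheriv('aes-256-gcm', kek, record.iv);
  decipher.setAAD(Buffer.from(record.userId, 'utf8'));
  decipher.setAuthTag(record.tag);
  try {
    return Buffer.concat([decipher.update(record.wrapped), decipher.final()]);
  } catch (err) {
    return null; // GCM tag check failed
  }
}

function demo() {
  const dataKey = crypto.randomBytes(32); // the one key that encrypts the data
  const alice = wrapDataKey(dataKey, 'constructed passphrase A', 'alice');
  const bob = wrapDataKey(dataKey, 'constructed passphrase B', 'bob');
  return {
    bothUnwrap: unwrapDataKey(alice, 'constructed passphrase A').equals(dataKey) &&
      unwrapDataKey(bob, 'constructed passphrase B').equals(dataKey),
    wrongPassword: unwrapDataKey(alice, 'constructed passphrase B'),
    ciphertextsDiffer: !alice.wrapped.equals(bob.wrapped),
  };
}

console.log(demo());
```

Only the wrapped records would be stored next to the data; the data key itself exists in memory only after a user supplies a password that passes the tag check.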

2 Answers

No, in general a good cipher should have the property that you cannot retrieve data even if you know the plaintext. Having the data encrypted should not have much influence, given a good cipher and a big enough key space.

Maarten Bodewes
  • So when you say good cipher, are there any you would recommend? I have played around with RC4 a little bit. – topherg Nov 26 '11 at 20:10

First off, MD5 is no longer considered a secure encryption algorithm. See http://www.kb.cert.org/vuls/id/836068 for details.

Secondly, the encryption key for the data should not be stored in the database itself. It should be stored separately. That way there are at least two things that have to be obtained (the database file and the key) to decrypt the data. If the key is stored in the database itself, it probably wouldn't take long to find it once someone has the database file.

Find a separate method for storing the key. It should either be coded into the application or stored in a file that is obfuscated in some way.

Nick Zimmerman
  • I didn't realize md5 was not secure anymore, but if I change to some other hashing method, possibly one of my own creation, it could keep it safe. Are there any alternatives to MD5 you can suggest? – topherg Nov 26 '11 at 20:19
  • You cannot just create a secure hashing method, it takes a lot of effort (how much? check the SHA-3 competition). SHA-1 is still safe but vulnerable, you are better off using SHA-256 or SHA-512 (which are, confusingly, SHA-2 hash algorithms, the full name would be SHA-2 256, but nobody ever uses that) – Maarten Bodewes Nov 30 '11 at 00:54