Which hash algorithm does Ruby's String.crypt method use? When used in conjunction with a salt, is this secure enough for hashing passwords?

No

It uses the C library crypt() which is based on DES. This is a fast cipher.[1]

It's not ideal for hashing passwords. The algorithm is reasonable as a cryptosystem although rather short on key length which is a problem for passwords. However, it has an even more fundamental weakness: it's too fast.

Good password hashing functions have a somewhat odd cipher requirement: they need algorithms that fundamentally require many complex operations, not just a handful of XOR ops and some table lookups like DES does.

It is, btw, almost always a bad idea to roll your own password system. It's better to use existing packages on the theory that these have been subject to review. It requires a certain amount of subject matter expertise to cook up a good one.

And finally, you have asked a question that our fearless leader here on SO has written about! See: The Dirty Truth About Web Passwords.


[1] Note that even if it were implemented in Ruby the speed would still be a problem: it's fundamentally a fast algorithm so an attacker could use his own implementation for key searching.

Correct me if I'm wrong but it only uses the first 8 bytes of the string, which means your passwords using crypt can't be longer than 8 bytes.

Here's an example in irb:

"special-special-special-special-special-special-special-special-special-special-special-special-special-special-special-special-".crypt("1234567890123456123456789012345612345678901234561234567890123456")
=> "12mJsn4TDq.Gw"
"special-".crypt("1234567890123456123456789012345612345678901234561234567890123456")
=> "12mJsn4TDq.Gw"
"special".crypt("1234567890123456123456789012345612345678901234561234567890123456")
=> "127X5bTSGngyI"
