Use Zend\Authentication\Adapter\DbTable with Zend\Crypt\Password\Bcrypt


Use Zend\Authentication\Adapter\DbTable with Zend\Crypt\Password\Bcrypt

Ralf Eggert
Hi,

I looked at the authentication adapter for databases and saw the
examples using md5() for password encryption.

http://zf2.readthedocs.org/en/latest/modules/zend.authentication.adapter.dbtable.html

I wonder if it is possible to use adapter if I encrypt the passwords
with Bcrypt.

http://zf2.readthedocs.org/en/latest/modules/zend.crypt.password.html

Has anyone managed to combine these two components?

Regards,

Ralf

Re: Use Zend\Authentication\Adapter\DbTable with Zend\Crypt\Password\Bcrypt

Jurian Sluiman
CONTENTS DELETED
The author has deleted this message.

Re: Use Zend\Authentication\Adapter\DbTable with Zend\Crypt\Password\Bcrypt

Piotr Nastały
In reply to this post by Ralf Eggert
On 27.08.2012 20:56, Ralf Eggert wrote:

> Hi,
>
> I looked at the authentication adapter for databases and saw the
> examples using md5() for password encryption.
>
> http://zf2.readthedocs.org/en/latest/modules/zend.authentication.adapter.dbtable.html
>
> I wonder if it is possible to use adapter if I encrypt the passwords
> with Bcrypt.
>
> http://zf2.readthedocs.org/en/latest/modules/zend.crypt.password.html
>
> Has anyone managed to combine these two components?
>
> Regards,
>
> Ralf
The example seems to use the built-in md5 function of the DB adapter. SQLite
in this case (though I'm not sure if SQLite has md5()).
Using md5 for password hashing is considered bad practice, as it has
proven to be vulnerable.

Another part where the manual gives bad security hints is the green box
saying:
"You can improve security even more by using a static salt value hard
coded into your application. In the case that your database is
compromised (e. g. by an SQL injection attack) but your web server is
intact your data is still unusable for the attacker."

Password salt should be RANDOM, and different for every user. With a
static salt you risk having collisions in your own database (where 2
users have the same password).

Therefore I think both md5 and the static salt proposal should be
removed from the manual page. I also do not believe SQLite has MD5
function...

Regards

PiotrN
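The collision point made in the post above, shown as an added example (this is not code from the thread or from the ZF2 manual). The user list and the application-wide salt string are constructed for the demo. With one static salt, two users who chose the same password get byte-identical hashes, so anyone holding the stolen table can read off "these accounts share a password" without cracking anything. Zend\Crypt\Password\Bcrypt draws a fresh random salt for every create() call and stores it inside the hash string, so the same password yields different hashes and the check has to go through verify() rather than string equality.

```php
<?php
// Added example, not from the thread or the ZF2 manual.
// Assumes Zend\Crypt (ZF2) is autoloadable, e.g. via Composer.

use Zend\Crypt\Password\Bcrypt;

// Constructed sample users; alice and carol chose the same password.
$users = array(
    'alice' => 'correct horse battery staple',
    'bob'   => 'hunter2',
    'carol' => 'correct horse battery staple',
);

// Scheme A: MD5 with one salt for everyone, the pattern the manual's
// note recommends. The salt value here is made up for the demo.
$staticSalt = 'hard-coded-in-app';
$md5Hashes  = array();
foreach ($users as $name => $password) {
    $md5Hashes[$name] = md5($staticSalt . $password);
}

// Scheme B: bcrypt. create() picks a random 16-byte salt per call and
// embeds it in the returned hash, so no salt column is needed.
$bcrypt = new Bcrypt();
$bcrypt->setCost(10); // kept low only so the demo runs quickly
$bcryptHashes = array();
foreach ($users as $name => $password) {
    $bcryptHashes[$name] = $bcrypt->create($password);
}

// What an attacker with only the hash column can infer: group the
// usernames by identical hash value.
function usersSharingHash(array $hashes)
{
    $byHash = array();
    foreach ($hashes as $name => $hash) {
        $byHash[$hash][] = $name;
    }
    $shared = array_filter($byHash, function ($names) {
        return count($names) > 1;
    });
    return array_values($shared);
}

// Scheme A leaks the alice/carol pair; scheme B yields no groups.
var_dump(usersSharingHash($md5Hashes));
var_dump(usersSharingHash($bcryptHashes));

// Verification reads the salt back out of the stored hash. Alice's
// password checks out against carol's (different-looking) hash because
// the secret is the same; a wrong password fails.
var_dump($bcrypt->verify($users['alice'], $bcryptHashes['carol']));
var_dump($bcrypt->verify('wrong', $bcryptHashes['alice']));
```

The bcrypt hashes also carry the cost factor, so raising setCost() later only affects new hashes; existing rows keep verifying and can be re-hashed on the user's next successful login.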

Re: Use Zend\Authentication\Adapter\DbTable with Zend\Crypt\Password\Bcrypt

Dennis Winter
See inline:

> On 27.08.2012 20:56, Ralf Eggert wrote:
>> Hi,
>>
>> I looked at the authentication adapter for databases and saw the
>> examples using md5() for password encryption.
>>
>> http://zf2.readthedocs.org/en/latest/modules/zend.authentication.adapter.dbtable.html
>>
>> I wonder if it is possible to use adapter if I encrypt the passwords
>> with Bcrypt.
>>
>> http://zf2.readthedocs.org/en/latest/modules/zend.crypt.password.html
>>
>> Has anyone managed to combine these two components?
>>
>> Regards,
>>
>> Ralf
> The example seems to use the built-in md5 function of the DB adapter. SQLite
> in this case (though I'm not sure if SQLite has md5()).
> Using md5 for password hashing is considered bad practice, as it has
> proven to be vulnerable.
>
> Another part where the manual gives bad security hints is the green box
> saying:
> "You can improve security even more by using a static salt value hard
> coded into your application. In the case that your database is
> compromised (e. g. by an SQL injection attack) but your web server is
> intact your data is still unusable for the attacker."
>
> Password salt should be RANDOM, and different for every user. With a
> static salt you risk having collisions in your own database (where 2
> users have the same password).

I think this section of the docs refers to using a dynamic salt AND a static salt. Just a hard-coded salt or a dynamic salt doesn't make much sense to me.

>
> Therefore I think both md5 and the static salt proposal should be
> removed from the manual page. I also do not believe SQLite has MD5
> function...
>
> Regards
>
> PiotrN

Re: Use Zend\Authentication\Adapter\DbTable with Zend\Crypt\Password\Bcrypt

Ralf Eggert
In reply to this post by Jurian Sluiman
Hi Jurian,

> I am not 100% about ZfcUser, but if I remember correctly, ZfcUser does use
> bcrypt with Zend\Crypt for passwords and the database authentication
> adapter. You might want to dig through
> http://github.com/zf-commons/zfcuser for that.
>
> The authentication looks difficult because it extends the standard adapter
> to allow a "chain" of adapters, but out of the box it works with database
> validation of credentials.

I had a look into it. The Db authentication adapter creates a completely
new adapter and therefore a new authenticate() method. It simply reads
the data first and then does the password check, while
Zend\Authentication\Adapter\DbTable verifies the credential on the SQL
level.

With this in mind it should not be so hard to write my own
authentication adapter which could use my model entity and mappers as well.

Thanks and regards,

Ralf
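The "read the row first, check the password in PHP" approach described in the post above, as an added example (not code from the thread, from ZfcUser or from the ZF2 manual). It implements Zend\Authentication\Adapter\AdapterInterface directly instead of extending DbTable, because DbTable compares the credential inside the SQL statement, and a bcrypt hash cannot be recomputed in SQL: the salt lives inside the stored hash and the check has to be Bcrypt::verify(). The table name `users`, the columns `username` and `password_hash`, and the SQLite DSN in the usage comment are assumptions for the demo.

```php
<?php
// Added example, not from the thread, ZfcUser or the ZF2 manual.
// Assumes ZF2's Zend\Authentication, Zend\Crypt and Zend\Db are
// autoloadable, and a table "users"(username, password_hash) whose
// password_hash column was written with Bcrypt::create() at signup.

use Zend\Authentication\Adapter\AdapterInterface;
use Zend\Authentication\Result;
use Zend\Crypt\Password\Bcrypt;
use Zend\Db\Adapter\Adapter as DbAdapter;
use Zend\Db\TableGateway\TableGateway;

class BcryptDbAdapter implements AdapterInterface
{
    private $table;
    private $bcrypt;
    private $identity;
    private $credential;

    // A real bcrypt hash of a throwaway value. It is verified against on
    // the "no such user" path so that path costs the same as a wrong
    // password and response time does not reveal which usernames exist.
    private $dummyHash;

    public function __construct(DbAdapter $db, Bcrypt $bcrypt, $tableName = 'users')
    {
        $this->table     = new TableGateway($tableName, $db);
        $this->bcrypt    = $bcrypt;
        $this->dummyHash = $bcrypt->create('not-a-real-password');
    }

    public function setIdentity($identity)
    {
        $this->identity = $identity;
        return $this;
    }

    public function setCredential($credential)
    {
        $this->credential = $credential;
        return $this;
    }

    public function authenticate()
    {
        // Parameterised lookup; no credential ever reaches the SQL layer.
        $rows = $this->table->select(array('username' => $this->identity));
        $row  = $rows->current();

        if (!$row) {
            $this->bcrypt->verify($this->credential, $this->dummyHash);
            return new Result(
                Result::FAILURE_IDENTITY_NOT_FOUND,
                null,
                array('Invalid username or password.')
            );
        }

        // verify() re-reads salt and cost from the stored hash string.
        if (!$this->bcrypt->verify($this->credential, $row['password_hash'])) {
            return new Result(
                Result::FAILURE_CREDENTIAL_INVALID,
                null,
                array('Invalid username or password.')
            );
        }

        // Only the identity goes into the Result; never return the hash.
        return new Result(Result::SUCCESS, $row['username']);
    }
}

// Usage (DSN assumed for the demo):
// $db      = new DbAdapter(array('driver' => 'Pdo_Sqlite', 'database' => 'app.db'));
// $adapter = new BcryptDbAdapter($db, new Bcrypt());
// $result  = $adapter->setIdentity($_POST['username'])
//                    ->setCredential($_POST['password'])
//                    ->authenticate();
// if ($result->isValid()) { /* store $result->getIdentity() in the session */ }
```

The same error message is returned for both failure codes on purpose; the code is still distinguishable inside the application through Result::getCode() for logging and lockout logic. Later ZF2 releases (after this thread) added Zend\Authentication\Adapter\DbTable\CallbackCheckAdapter, which keeps the DbTable lookup but hands the fetched hash and the supplied credential to a callable, so the same Bcrypt::verify() check can be plugged in there instead of writing a full adapter.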

Re: Use Zend\Authentication\Adapter\DbTable with Zend\Crypt\Password\Bcrypt

weierophinney
Administrator
-- Ralf Eggert <[hidden email]> wrote
(on Monday, 27 August 2012, 10:35 PM +0200):

> Hi Jurian,
>
> > I am not 100% about ZfcUser, but if I remember correctly, ZfcUser does use
> > bcrypt with Zend\Crypt for passwords and the database authentication
> > adapter. You might want to dig through
> > http://github.com/zf-commons/zfcuser for that.
> >
> > The authentication looks difficult because it extends the standard adapter
> > to allow a "chain" of adapters, but out of the box it works with database
> > validation of credentials.
>
> I had a look into it. The Db authentication adapter creates a completely
> new adapter and therefore a new authenticate() method. It simply reads
> the data first and makes the password check then, while the
> Zend\Authentication\Adapter\DbTable verifies the credential on the sql
> level.
>
> With this in mind it should not be so hard, to write my own
> authentication adapter which could use my model entity and mappers as well.

BTW, the new Zend\Crypt provides a ton of functionality surrounding
salting and hashing of passwords, and Enrico has even written a blog
post on it.

    http://zf2.readthedocs.org/en/latest/modules/zend.crypt.introduction.html
    http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/

--
Matthew Weier O'Phinney
Project Lead            | [hidden email]
Zend Framework          | http://framework.zend.com/
PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc

Re: Use Zend\Authentication\Adapter\DbTable with Zend\Crypt\Password\Bcrypt

David Muir-2
In reply to this post by Dennis Winter
On 28/08/2012, at 6:03 AM, Dennis Winter <[hidden email]> wrote:

> See inline:
>
>> On 27.08.2012 20:56, Ralf Eggert wrote:
>>> Hi,
>>>
>>> I looked at the authentication adapter for databases and saw the
>>> examples using md5() for password encryption.
>>>
>>> http://zf2.readthedocs.org/en/latest/modules/zend.authentication.adapter.dbtable.html
>>>
>>> I wonder if it is possible to use adapter if I encrypt the passwords
>>> with Bcrypt.
>>>
>>> http://zf2.readthedocs.org/en/latest/modules/zend.crypt.password.html
>>>
>>> Has anyone managed to combine these two components?
>>>
>>> Regards,
>>>
>>> Ralf
>> The example seems to use the built-in md5 function of the DB adapter. SQLite
>> in this case (though I'm not sure if SQLite has md5()).
>> Using md5 for password hashing is considered bad practice, as it has
>> proven to be vulnerable.
>>
>> Another part where the manual gives bad security hints is the green box
>> saying:
>> "You can improve security even more by using a static salt value hard
>> coded into your application. In the case that your database is
>> compromised (e. g. by an SQL injection attack) but your web server is
>> intact your data is still unusable for the attacker."
>>
>> Password salt should be RANDOM, and different for every user. With a
>> static salt you risk having collisions in your own database (where 2
>> users have the same password).
>
> I think this section of the docs refers to using a dynamic salt AND a static salt. Just a hard-coded salt or a dynamic salt doesn't make much sense to me.
>

I would discourage the use of pepper.

https://wiki.php.net/rfc/password_hash#the_api_does_not_support_pepper


>>
>> Therefore I think both md5 and the static salt proposal should be
>> removed from the manual page. I also do not believe SQLite has MD5
>> function...
>>
>> Regards
>>
>> PiotrN