Question
In ColdFusion, what is the best way of doing a user login password comparison with the database that will encrypt the password between the client and server?
I noticed there's a JavaScript version at http://pajhome.org.uk/crypt/md5/index.html
but what can be done for users without JavaScript enabled?
Answer 1:
These points are not specific to ColdFusion, but I feel I must state them:
- Do the hash server-side.
The point of hashing is to make it really hard to figure out what to send the server in order to produce the string it matches with the DB. If you just match the string given by the client with the DB entry, you're defeating the purpose.
- Don't use MD5.
It's broken. There are ways to defeat it. Don't use it.
- If you're worried about the password being exposed on the way to the server, use TLS.
TLS is designed for making communications between a client and a server opaque to anyone else. The biggest problem with it is the recent BEAST attack, which won't work if you implement it right.
- Use a secure hash like SHA-256.
As far as we know, SHA-256 is pretty damn secure. The best known attack on it reduces the time complexity by 2 bits, which doesn't make an attack practical.
- Use a random salt, unique to each user.
A precomputed rainbow table for 2^50-bit space would take 256 petabytes of storage, and one for 2^256 space would take an enormous amount more. However, due to the Birthday Problem, it's conceivable that some of your users' accounts could be compromised if you do not salt their hashes.
- Hash multiple times. On the order of thousands of times.
If your DB is compromised, a hash might mean that your average user's password is found in years. If you hash thousands of times, that would mean thousands of years.
Some additional points, to address misconceptions it looks like you have:
- A cryptographic hash is one-way. You can't decrypt it. If you find a practical way to decrypt it, then you will become rich and (in)famous.
- Standard HTTP is not secure. Anyone can eavesdrop and intercept your password that is being POSTed in plaintext, or hashed. If your server doesn't demand an encrypted connection for sensitive data, you're asking for a replay attack (http://en.wikipedia.org/wiki/Replay_attack).
- You can make your own SSL certificate. If you're worried about your users seeing "this SSL Cert is self signed! Oh noes!" and being scared off, either do without and take the risk, or cough up the cash.
Source: https://stackoverflow.com/questions/7669374/coldfusion-salting-my-hash
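The server-side flow the answer describes (password sent over TLS, then hashed on the server with SHA-256, a random per-user salt and many iterations), as an added example that is not part of the original answer. It is written in Python rather than CFML because the answer's points are not ColdFusion-specific, and it uses PBKDF2-HMAC-SHA256 as the standard construction for salted, repeated hashing; the function names, record format, iteration count and sample users are assumptions.

```python
import hashlib
import hmac
import secrets

SCHEME = "pbkdf2_sha256"
ITERATIONS = 100_000  # assumed work factor; the answer only says "thousands"
SALT_BYTES = 16


def _derive(password, salt, iterations):
    # PBKDF2-HMAC-SHA256: salted SHA-256 repeated `iterations` times.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def make_record(password, iterations=ITERATIONS):
    """Build the string stored in the user's row: scheme$iterations$salt$digest."""
    salt = secrets.token_bytes(SALT_BYTES)  # random and unique per user
    digest = _derive(password, salt, iterations)
    return f"{SCHEME}${iterations}${salt.hex()}${digest.hex()}"


def check_record(password, record):
    """Recompute the digest server-side and compare in constant time."""
    scheme, iterations, salt_hex, digest_hex = record.split("$")
    if scheme != SCHEME:
        raise ValueError("unknown password scheme: " + scheme)
    candidate = _derive(password, bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


# Checked for unknown usernames so a failed lookup costs the same as a bad password.
_DUMMY_RECORD = make_record(secrets.token_hex(16))


def login(user_table, username, password):
    """Return True only when the username exists and the password matches."""
    record = user_table.get(username)
    if record is None:
        check_record(password, _DUMMY_RECORD)
        return False
    return check_record(password, record)


# Constructed sample data standing in for the users table.
USERS = {
    "alice": make_record("correct horse battery staple"),
    "bob": make_record("correct horse battery staple"),
}
```

Storing the iteration count and salt inside each record lets the work factor be raised later without invalidating existing rows.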