Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
hướng dẫn là sử dụng muối không ít hơn 8 byte và không lớn hơn 16 byte. Ngay cả 8 byte là quá mức cần thiết, nhưng vì nó không có khả năng làm tổn thương hiệu quả (về không gian lưu trữ hoặc thời gian tính toán), đó là mức thấp ràng buộc để sử dụng. Về mặt kỹ thuật, bạn cần ít nhất bậc hai của số lượng | Hash Functions Chapter 5 243 guideline is to use salts no less than 8 bytes and no larger than 16 bytes. Even 8 bytes is overkill but since it is not likely to hurt performance in terms of storage space or computation time it s a good low bound to use. Technically you need at least the square of the number of credentials you plan to store. For example if your system is meant to accommodate 1000 users you need a 20-bit salt. This is due to the birthday paradox. Our suggestion of eight bytes would allow you to have slightly over four billion credentials in your list. Rehash Another common trick is to not use the hash output directly but instead re-apply the hash to the hash output a certain number of times. For example proof hash hash hash hash . hash sa t password . While not highly scientific it is a valid way of making dictionary attacks slower. If you apply the hash say 1024 times then you make a brute force search 1024 times harder. In practice the user will not likely notice. For example on an AMD Opteron 1024 invocations of SHA-1 will take roughly 720 000 CPU cycles. At the average clock rate of 2.2GHz this amounts to a mere 0.32 milliseconds. This technique is used by PKCS 5 for the same purpose. Online Passwords Online password checking is a different problem from the offline word. Here we are not privileged and attackers can intercept and modify packets between the client and server. The most important first step is to establish an anonymous secure session. An SSL session between the client and server is a good example. This makes password checking much like the offline case. Various protocols such as IKE and SRP Secure Remote Passwords http srp.stanford.edu achieve both password authentication and channel security see Chapter 9 . In the absence of such solutions it is best to use a challenge-response scheme on the password. The basic challenge response works by having the server send a random string to the client. The client then must produce the message .
