Ask HN: store password - no hash, but aes
It's just an idea....what's your opinion?
Instead of using md5 and similar (too fast to calculate, and rainbow tables attack too - if not salted) my idea is:
-create a cleartext (even public); -use the password you want to store to encrypt this text, using aes256 for example; -save the encrypted text;
verify your password (on user input) encrypting the clear text and checking if it matches with stored encrypted password.
Pros: -it's more slow to calculate (and so less easy to brute force) -being the cleartext different on each "server" there's now way to have a rainbow table!
opinions? cheers, aw4y
8 comments
[ 0.28 ms ] story [ 31.9 ms ] thread[1]: http://en.wikipedia.org/wiki/Known-plaintext_attack#Present_...
Though what your doing with the plaintext that is encrypted is iin effect adding a salt that actualy allows easier brute forcing as it does not compliment the the encryption but offers a fixed point ability to verifiy that you have broken the password.
Also AES256 isn't imune from being brute forced, not nth bit encryption is imune.
But remember that any password used on the web is only as good as the transport layer used to convey it and in that you could have the best encryption in the world, but when it is entered via a http connection in plaintext it becomes moot and when it is via https, then it is down to the encryption used for that connection.
Security is often the longest path to the weakest link and that sadly is still a weak link - some call them users, some call them bad passwords and some just call them and ask them for there passwords!
Summary: you have taken the salt aspect and made it a public cleartext password whilst at the sametime removing the extra entropy it affords. You could probably get a job at Linkedin though as you have done better than they did.
https://www.owasp.org/index.php/Hashing_Java
"A salt is a random number of a fixed length. This salt must be different for each stored entry. It must be stored as clear text next to the hashed password."
the only difference I see it that the salt is different for each password, instead my "solution" uses a cleartext for all password...am I wrong?