The recent attack on, and compromise of LinkedIn and their password data has highlighted the need for strong authentication practices, and a lack of awareness among certain developers of security best-practice.
The Need for Password Salting
'Salting' refers to the process of combining a piece of user-supplied data, in this case their password, with a randomly generated string, in order to make brute-force attacks against the resulting hash much more difficult.
It would appear, from all the reports coming out about the LinkedIn attack, that the developers at LinkedIn did not apply salts to the passwords before they were hashed and stored in the database - they also used a hashing algorithm that is known to be insecure, but that is a topic for another post.
Consider the following scenario:
plaintext password: 12345
salt value: e17331cb86ca9bc67744f962539b09067b32a174b4a50ce6aa2a3d07ee20596de93a229b75bfb3
resulting password hash: ad61959566d4ea5542d652ed8a292af8e41af006059be00d5dea266441506f8b4dd5928064857b6
now, if another user signs up:
plaintext password: 12345
salt value: 8bf8d7f32debc1968641a58d2d724b5e9198477d542aee66014b735f9e7bd64008e51d2afc48e70
resulting password hash: 942b078e31b1dba668943067f6450164c6837769b75cd50edda2126bd1a5a0e4453c66f72801b9
Notice the difference? The users selected exactly the same, weak password, but, as the salt values used in the hashing process were different, the resulting password hashes, stored in the database, are different.
There is no realistic limit to the method you select for generating your salt values, or how you combine them with the plaintext password to generate the hashes, in the above examples, I hashed a randomly generated number, and then combined that hash with the plaintext password to generate the password hashes.
I could just have easily taken the current UNIX time and used that as the salt value (having hashed it first, otherwise my salt values would be extremely predictable).
A really secure salt value generation mechanism would be to use the UNIX random data device (/dev/urandom or /dev/random) to output a few bytes of random data into a file, then hash that, store the hash as the salt value and then delete the file, but that would be potentially problematic if a large number of users signed up at the same time, and your server ran out of disk space.
You will have to store the salt value in your database, so you can use it to construct the hash whenever your users log in, but there is no easy way of taking the hash and the salt value and reversing the process to find the plaintext password. An attacker would have to generate hashes for every word + every salt value in your database which means it would take a very long time, and the recovered passwords would most likely be useless by the time they had finished.
Additional Security Measures
If you feel that even developing a sophisticated salting algorithm would still not provide your users with sufficient protection, there is always the option of implementing 2-factor authentication systems to make it even harder for users accounts to be compromised, even if the attackers manage to work out their passwords.
Most of us who use Internet Banking will be familiar with some form of 2-factor authentication device. HSBC sends their business customers a small token that generates a random 6-digit number every 60 seconds, which the servers responsible for authenticating you have calculated as well, ensuring that they can verify you are in possession of the token.
Yubico, a company I have mentioned in a past post regarding storing and generating strong passwords, produces a small device, the size of a USB drive, that plugs into a USB port on your computer and enters a random string into the selected input field every time the button on the surface is pressed. These random strings are also tied to an Internet-based verification server, and due to the open-source nature of the product, implementing support for a Yubikey in your application is a simple matter of implementing their API.
It is my belief that, given the power of current generation graphics cards, and the existence of tools that utilise them for password cracking, making a process that once required a vast number of networked computers accessible to anyone with the money to buy such a card, the implementation of multiple factors of authentication, either using established technologies like RSA SecureID, or the services and hardware provided by companies like Yubico, is vital to the continued development and protection of online systems.
Leave a Reply