by chickopozo
4832 days ago
> Outside of this, no one should be using MD5 in this day and age, I would even recommend against Sha256 and other variants in that family, though I have a lot of respect for Blowfish, etc.

@shanelija SHA-256 is a cryptographically secure hash function. It is not, and was never intended to be, a key derivation function, and it should not be used as one. Given that time and email are not unique, they should not be used as a salt. Concatenation of a salt is not the correct method either, not for a KDF and not for message authentication. One of the aims of a hash function is to be fast, really fast, super fast, while making it computationally infeasible to:
make a message that will hash to a given value
alter a message so that, when hashed, it will produce the same or a given value
find two different messages with the same hash value.

bcrypt, scrypt, and PBKDF2 are perfect for password storage. YOU are not off the hook yet until you repeat these 2 sentences 10 times:

A secure crypto algorithm/system/function/whatever MUST continue to be secure even if the algorithm/system/function/whatever is public.

It is perfectly fine to homebrew crypto given one key condition: you never ever ever ever use it for things that matter.
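The contrast the comment above draws, written out as an added example that is not part of the thread: the sha256(email + time + password) pattern it argues against, a dictionary attack that shows why a fast hash with a known "salt" gives the attacker no extra work, and password storage with a real KDF (PBKDF2-HMAC-SHA256 from Python's standard library) using a random per-user salt and a constant-time comparison. The stored-string format, the 16-byte salt length and the iteration count of 200,000 are assumptions chosen for the example, not values from the comment; the wordlist and user data are constructed.

```python
"""Added example: weak concatenated-salt hashing next to PBKDF2 password storage.
Not code from the original thread; format and parameters are assumptions."""
import hashlib
import hmac
import os
from typing import Iterable, Optional

# --- The pattern the comment warns about: fast hash, predictable "salt", plain
# concatenation. Anyone holding the database also holds email and timestamp.
def weak_hash(email: str, timestamp: str, password: str) -> str:
    return hashlib.sha256((email + timestamp + password).encode("utf-8")).hexdigest()


def dictionary_attack(target_digest: str, email: str, timestamp: str,
                      wordlist: Iterable[str]) -> Optional[str]:
    """Offline guessing against weak_hash: one SHA-256 per candidate, nothing more.
    Returns the recovered password or None if it is not in the wordlist."""
    for guess in wordlist:
        if hmac.compare_digest(weak_hash(email, timestamp, guess), target_digest):
            return guess
    return None


# --- The recommended approach: a slow, salted KDF. (Assumed parameters; tune the
# iteration count upward for production hardware.)
SCHEME = "pbkdf2_sha256"
PBKDF2_ITERATIONS = 200_000
SALT_BYTES = 16
DK_LEN = 32


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = PBKDF2_ITERATIONS) -> str:
    """Derive a verifier with a fresh random salt; the salt and parameters are
    stored alongside so verification needs no other secrets.
    Assumed encoding: scheme$iterations$salt_hex$dk_hex."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # unique per password, never email or time
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                             iterations, dklen=DK_LEN)
    return f"{SCHEME}${iterations}${salt.hex()}${dk.hex()}"


def verify_password(stored: str, password: str) -> bool:
    """Re-derive with the stored salt/iterations and compare in constant time.
    Malformed or foreign-scheme records are rejected rather than raising."""
    try:
        scheme, iterations, salt_hex, dk_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
        iterations = int(iterations)
    except ValueError:
        return False
    if scheme != SCHEME or iterations <= 0 or len(expected) != DK_LEN:
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                             iterations, dklen=DK_LEN)
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    # Constructed user record and wordlist for the demonstration.
    email, ts, pw = "alice@example.com", "1360000000", "letmein"
    wordlist = ["123456", "password", "qwerty", "letmein"]
    print("weak scheme recovered:", dictionary_attack(weak_hash(email, ts, pw),
                                                       email, ts, wordlist))
    record = hash_password(pw)
    print("stored:", record)
    print("verify correct:", verify_password(record, pw))
    print("verify wrong:  ", verify_password(record, "Letmein"))
    # Same password, two users: different records because the salt is random.
    print("same pw, same record?", hash_password(pw) == hash_password(pw))
```

Note that the KDF version gives the attacker the same wordlist loop, only each guess now costs 200,000 HMAC iterations instead of one SHA-256, and a per-user random salt means that loop has to be run again for every record instead of once for the whole table.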