#246 user_table: using SHA-2 instead of MD5

XOOPS_2.0.x
open
nobody
Core (214)
7
2012-09-25
2006-11-19
bubuche930
No

Hello,
Everyone knows that MD5 and SHA-1 are cracked, so could it be possible to encrypt the user's password using SHA-256 (or higher) for xoops 2.0.16?

My user database was compromised recently, this is a very important function for me !

Thanks,
Buche

Discussion

  • zyspec
    zyspec
    2007-05-09

    Logged In: YES
    user_id=1536595
    Originator: NO

    There are PHP5 commands (hash, hash_algos, etc) which would make selecting the algorithm easy to do on an INITIAL installation. Here's some pseudo code that I believe could work:
    if (New Xoops Install) {
    if (PHP5>=5.0) {
    - present a dropdown menu to select the available hashing algorithms
    - set selected hashing algorithm
    }else{
    - set MD5 as password hashing algorithm
    }
    }else{ // an upgrade, NOT a new installation
    if (PHP>=5.0) {
    - present a dropdown menu to select the available hashing algorithms
    - set selected hashing algorithm does not match previous algorithm then
    ask admin if they want to change algorithms (CLEARLY state
    previous passwords will become non-functional and ask for another
    confirmation)
    if (confirmed-okay){
    - force new admin password be set
    - ask admin if they want to clear all user passwords, set it to a
    specific value or leave them 'as-is'
    - take action specified by admin using new algorithm
    }else{ // don't change to new algorithm
    - set Xoops to use existing algorithm
    }
    }
    }

    There are about 20 places in the Xoops core code that would need to be modified slightly to use the new algorithm.

    This wouldn't solve everyone's problem but it would allow those able to move to PHP5 to take advantage of the feature built into PHP5 with a gracefull degredation in PHP4 cases.

    A method to accomplish the same thing, for all versions of PHP Xoops supports including PHP4, would be to provide a 'snap-in' architecture that would allow other hash-algorithm providers, if they existed. IMHO this wouldn't be a great use of limited resources and less secure - because you're now counting on the alorithm providers to create secure code instead of using the built-in PHP algorithms.

    Just my 2 cents....