-1

I'm kind of curious: Why would we store a password in a database when we can just encrypt a phrase such as "unlock me" using that password and then, at login, seeing if the encrypted phrase can be successfully decrypted with that key? The way I see it, there is one advantage: If someone should hack into a computer network and gain access to your account, if the encrypter uses an algorithm impervious to known-plaintext attacks, they could change the password but would "never" be able to obtain the original password, thus enabling you to use that password on more secure sites.

Come to think of it, we can - and probably do - use a similar technique in password managers.

moonman239
  • 121
  • 4
  • You might be interested in the Microsoft Passport feature that's in Windows 10 – mostlyinformed Sep 26 '15 at 03:04
  • http://blogs.technet.com/b/ad/archive/2015/07/21/microsoft-passport-and-azure-ad-eliminating-passwords-one-device-at-a-time.aspx. Well, it will be in Windows 10 after an update set for later this fall, anyway. But, of course MS is hardly the first to pursue the idea of using two-key cryptography to replace password based-auth for consumers, though if Passport succeeds (a big if) it would be the most prominent so far. And, of course, two-key crypto is at the heart of tons of certificate & signing-based auth mechanisms not specifically intended to replace passwords. – mostlyinformed Sep 26 '15 at 03:17
  • You shouldn't ever store passwords in a database - see https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords – Neil Smithline Sep 26 '15 at 03:36

1 Answers1

-1

If you encrypt the same phrase for all users, this will cause two main issues:

  • Two users sharing the same password will be immediately identifiable since they will share the same encrypted version of it,
  • Bruteforce attack against this base will be easy, since it will be sufficient to calculate only one password hash to compare them to all user in order to determine if one user uses this password.

Of course, you could then try to use a different string for each users, like this person who thought about the same scheme as you but used the username instead of a fixed hardcoded sentence.

But even there, you will end-up with the major issue that encryption function are designed to be fast and require as few resources as possible. This is also a great present for brute-force attacks since this means that a huge number of passwords will be tried in a very short amount of time.

So, the conclusion of all this is that, when trying to protect authentication passwords, you should definitively rely on functions specially crafted for this usage.

WhiteWinterWolf
  • 19,142
  • 4
  • 59
  • 107
  • You should inform the op about how to safely store passwords using a non reversable hash and cryptography (both symmetric and asymmetric) should and could be used. – jas- Sep 26 '15 at 11:01
  • @jas-: what do you suggest? I've already explained the OP the limitations of his suggestion, why trying to circumvent them himself is most likely doomed, told that there are functions specially designed to address these limitation and linked to our reference thread on the subject. I do not see what more I can add on the subject. – WhiteWinterWolf Sep 26 '15 at 11:35
  • i.e. NIST's Guide to Enterprise Password Management (http://csrc.nist.gov/publications/drafts/800-118/draft-sp800-118.pdf), Secure Hashing Algorithms (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf), Recommendations for Key Derivation (http://csrc.nist.gov/publications/nistpubs/800-108/sp800-108.pdf), Electronic Authentication Guidelines (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-2.pdf) & the Supplemental guide to Authorization (http://csrc.nist.gov/publications/nistpubs/800-37-rev1/nist_oa_guidance.pdf). – jas- Sep 26 '15 at 11:43
  • @jas- These document would be more appropriate in the linked thread, "[How to securely hash passwords?](http://security.stackexchange.com/q/211/32746)" than they would be here since they are general recommendations and do not directly address the OP question regarding his own, self-made authentication password storage scheme. – WhiteWinterWolf Sep 26 '15 at 11:49
  • @jas- Moreover, regarding your first post, if "*cryptography (both symmetric and asymmetric) should and could be used*" applies to server-side password storage, I'm sorry but this is not true, you must use specific password hashing functions, using general purpose encryption algorithm will just make you password database easier to brute-force. Password encryption can only be used client-side, when there is a need to decrypt the password in order to contact a remote server. – WhiteWinterWolf Sep 26 '15 at 11:51
  • You obviously didn't read the reference material as you already know there is a layered approach to security. Handling authentication data is no different and the resources provided are in sequential order of the layering needed to provide the security the OP is requesting feedback about. – jas- Sep 26 '15 at 11:55
  • 2
    @jas-: If you do not agree with my answer, just feel free to write your own, this is precisely the purpose of this site: collect several different possible answers to the same question :) ! – WhiteWinterWolf Sep 26 '15 at 12:04