Security Basics mailing list archives
RE: MD5-Hash of a SHA-1-Hash unsecure?
From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 5 Dec 2008 14:34:00 -0800
"Less secure" than what? I can't tell what the other side of the comparison is supposed to be. Could this be made more secure? Well, your IV is being deterministically generated from the password chosen by the user, and so that password is your actual bits of key strength -- probably not very much, since users tend to like short words as passwords. Algorithmically turning a short password into an IV doesn't really make it any stronger. Nor does the information you've provided say how you get the password securely from browser to server -- maybe you're punting that issue to SSL to handle? I think the usual way to improve a scheme like this is to add a shared secret ("salt") to the password before hashing, some value that both parties know but that never gets transmitted between them. So the hash is not just a derivative of the password, but also of knowledge available to legitimate clients and not (readily) available to others. Exactly how to implement this will depend on other characteristics of your environment. David Gillett
-----Original Message----- From: Andre Pawlowski [mailto:sqall () h4des org] Sent: Friday, December 05, 2008 12:19 AM To: security-basics () securityfocus com Subject: MD5-Hash of a SHA-1-Hash unsecure? Hey guys, I've written a program which can store files encrypted ( http://h4des.org/index.php?inhalt=kastalia ). The user enters a password when he wants to encrypt a file. The programm makes a SHA-1-Hash of this password and transfers it from the browser to the server. When the encryption starts, the program makes a MD5-Hash of this SHA-1-Hash for the IV of the blowfish algorithm. Here is my question: Is it less secure when I make a MD5-Hash of a SHA-1-Hash? Regards, -- [] Andre Pawlowski visit http://h4des.org
Current thread:
- MD5-Hash of a SHA-1-Hash unsecure? Andre Pawlowski (Dec 05)
- RE: MD5-Hash of a SHA-1-Hash unsecure? David Gillett (Dec 08)
- Re: MD5-Hash of a SHA-1-Hash unsecure? Andre Pawlowski (Dec 08)
- Re: MD5-Hash of a SHA-1-Hash unsecure? Alexander Klimov (Dec 08)
- <Possible follow-ups>
- Re: MD5-Hash of a SHA-1-Hash unsecure? jason . gerfen (Dec 05)
- Re: MD5-Hash of a SHA-1-Hash unsecure? Tom Ritter (Dec 08)
- Re: Re: MD5-Hash of a SHA-1-Hash unsecure? asdfs (Dec 09)
- RE: MD5-Hash of a SHA-1-Hash unsecure? David Gillett (Dec 08)