Is the c++ hash function reasonably safe for passwords?
It is nowhere near reasonably safe, as this hash function is not intended to be used for cryptographic purposes.
Actually, even hash functions intended to be used for cryptographic purposes (such as the now-broken MD5, good old SHA1 and even the very new SHA3) are not meant for hashing stored passwords; this is because they are designed to be fast, whereas for password security you want a hash designed to be slow in order to limit the damage if the hashes are leaked.
If you intend to hash passwords you should look up C++ (or C, as you they will be probably easier to find) implementations of bcrypt or PBKDF2; I know that Crypto++ does at least the latter.
For a detailed analysis of hashing password, see also how to securely hash passwords.
Comments
-
MarJamRob almost 2 years
Is the built in hash function in c++ reasonably safe for hashing passwords? For instance something like the below.
#include <iostream> #import <string> int main () { std::hash <std::string> hash; std::string passwordGuess; unsigned long hashedPassword = 1065148159544519853; // hash of password std::cout << "Enter your password: "; std::cin >> passwordGuess; unsigned long hashedPasswordGuess = hash(passwordGuess); if (hashedPasswordGuess == hashedPassword) { std::cout << "Password is correct!" << std::endl; } else { std::cout << "Password is wrong!" << std::endl; } }
Is this reasonably safe or not?
-
Balog Pal almost 11 yearsErr, can you please provide some support for the latter claim?
-
Waihon Yew almost 11 years@BalogPal: crypto.stackexchange.com/questions/24/…
-
Balog Pal almost 11 yearsNot really convincing about the original statement. You can generate custom amount of slowness by executing the hash algo multiple times. Using the amount itself as kind of salt. Calibrate the amount on the machine your hash checker is. Leaving the single real requirement on the hash function to be securely one-way. (sure, security is gained using a system, and based on threat model, not just by pasting together a few acronyms and hope but that leads far.)
-
Waihon Yew almost 11 years@BalogPal: Sure, that's what both of the widely-used algos that everyone recommends do. But why reinvent the wheel? Furthermore, is it reasonable to assume that me or you or anyone looking to hash some passwords knows as much about the hidden pitfalls as the people who created these methods do?
-
Balog Pal almost 11 yearsTo clarify, I'm absolutely not against the suggested algos, just find your statement (2nd para) way too vague and suggest some tuning down. and add this link: security.stackexchange.com/questions/211/…
-
Waihon Yew almost 11 years@BalogPal: Fair points, taken into account. Thanks for the suggestion.