Comments (4)
@jeremyevans I could be off-base, but it sounds like you may be confusing the purpose of the salt and the pepper.
The salt, from what I understand, is intended purely to protect against rainbow table attacks. There is no issue with an attacker having access to both the hash and the salt, as the salt has already done its job in protecting against pre-computation attacks.
Having a secret stored separately from the hash is the duty of the pepper, which this library does support natively within the public API. What you've described using the salt for within Rodauth, should instead be the pepper which is kept entirely separate from the database storing password hashes/salts.
This is why the salt is plaintext (b64 encoded) and included in the final digest Argon2 produces; it's not actually important for it to be kept separate from the hash for it to fulfill its purpose.
(Again, grain of salt. I could totally be wrong on this. This is just the understanding I've built up while working with Sorcery)
from ruby-argon2.
@athix You are off base :). With a password hash, an attacker can try to bruteforce the password. Without a password hash, an attacker cannot. With Rodauth's design, because an attacker doesn't have access to the hash itself, the only way they can bruteforce a password is to issue a database query for each check (candidate password hashes are checked using a security definer database function that doesn't provide an attacker access to the actual password hash), which is going to be much slower than attempting to bruteforce the password on an FPGA/ASIC.
Let's say you are an attacker and you have access to a password hash. It doesn't matter if the password is peppered or not, you can still try to bruteforce it. Additionally, if an attacker has compromised your environment to such an extent that they have access to password hashes, they likely have access to the pepper as well, in which case the cost of bruteforcing the hash is the same as having no pepper at all.
FWIW, Rodauth has support for password peppering as well. Peppering can be useful when you cannot use Rodauth's more secure default approach of checking passwords using a database function.
from ruby-argon2.
Breaking changes are not on. I'm reverting this immediately. It's not like something named salt_do_not_supply was confusing to users.
from ruby-argon2.
Let's say you are an attacker and you have access to a password hash. It doesn't matter if the password is peppered or not, you can still try to bruteforce it.
From what I've researched so far, this is exactly the purpose of the pepper, per Argon2 README:
The secret parameter, which is used for keyed hashing. This allows a secret key to be input at hashing time (from some external location) and be folded into the value of the hash. This means that even if your salts and hashes are compromised, an attacker cannot brute-force to find the password without the key.
That said, this library is @technion rodeo, and it looks like this is being reverted either way. Problem solved 🎉
from ruby-argon2.
Related Issues (20)
- Argon2id binding HOT 17
- Gem fails to build under FreeBSD 12.0 HOT 8
- Unsigned RubyGem HOT 3
- Required Ruby Version unclear based on gemspec HOT 4
- Rubocop issues HOT 2
- Incompatible with other versions of Argon2 HOT 1
- RubyGems and Github naming mismatch HOT 2
- Allow providing parallelism cost parameter HOT 4
- Error when attempting to use fork HOT 12
- legacy.rb test unused and in broken state HOT 2
- Github Org for improved SEO HOT 2
- Unable to install latest on master via Bundler HOT 2
- Fails to load with Rubygems 3.4 HOT 36
- RBS issue - Cannot find type `FFI::Library` HOT 1
- Memory cost definition HOT 2
- Incorrect initialization checks: `ARGON2_MEMORY_TOO_LITTLE` raised when m_cost < 3 HOT 1
- Cannot specify memory costs that aren't `2^N` HOT 2
- Default argon2.online builds a hash which ruby_argon2 cant verify HOT 1
- Add OWASP recommendations as additional profiles? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ruby-argon2.