Query related to my encryption


So I have a login system and I have used some security measures to make it secure. Firstly I salt my passwords:

<?php
// Generate a random salt once and store it on disk.
// The path must match the one read by myhash() below.
$salt = openssl_random_pseudo_bytes(1024);
file_put_contents("private/salt.txt", $salt);

Next I hash it using the Whirlpool algorithm:

<?php
// Keyed Whirlpool hash of the password, using the stored salt as the HMAC key.
function myhash($password) {
    $salt = file_get_contents("private/salt.txt");
    $password = hash_hmac('whirlpool', $password, $salt);
    return $password;
}

This is an example of the value that would get returned and stored in the database:

56a8cf545750eec78cb58582829636b1e0378cf0fff4982305a7171f06593fb92735d3576f0ad7ba8aec40c914abc38424885cb7ac2672b1d8da36e3b95c80ce

Now my question: if a hacker was able to recover that long string above, would they be able to somehow reverse/decrypt it to get back the actual password? Let me know what you guys think/know. Is it impossible?

This is not a thread for people to suggest other things to me, please keep answers strictly related to the single question.

BEST ANSWER

Short answer: "NO". Whirlpool is a fairly strong hashing algorithm (not an encryption algorithm, as encryption assumes the ability to decrypt in some way). The salt (AKA shared key) just makes it even stronger. Having the same salt for everyone does not make it much weaker, but it makes it possible to find out who has the same password (without knowing the password itself).

A better use of salt is to generate it randomly before each use in the hash function (it does not need to be 1024 bytes; 8 bytes is more than enough for a salt) and then prepend it to the resulting hash. This way the function that checks the password knows which salt must be used and what hash is expected.

The Whirlpool algorithm has no known weaknesses and uses 512 bits. Therefore it is regarded as secure. However, I personally have two negative views on it:

  1. It underwent two modifications from its inception in 2000
  2. It is less used than other algorithms (namely SHA512).

So my personal view is that there is nothing wrong with your code and it is quite secure. But you may be better off switching to SHA512.

The only way to recover the password from that long string is brute force for a VERY LONG TIME (if the password is strong, of course), or maybe using some technology from the NSA :)

ANOTHER ANSWER

One area of attack seems to be that two identical passwords result in the same string, because you use the same salt for everyone.

So without decrypting anything, they can already tell who has the same password. That probably indicates weak passwords, and they can start brute-forcing there.
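The following is an added example, not code from the question or either answer. It contrasts the question's single shared salt with the per-user random salt the accepted answer recommends (8 random bytes, prepended to the hash), and shows the duplicate-password leak the second answer describes. All function and variable names, and the sample users, are my own constructions.

```php
<?php
// Scheme from the question: one shared salt used as the HMAC key for every user.
function hash_shared_salt(string $password, string $sharedSalt): string {
    return hash_hmac('whirlpool', $password, $sharedSalt);
}

// Scheme from the accepted answer: a fresh random salt per password, stored in
// front of the hash so verification can recover it (8 bytes = 16 hex chars).
function hash_per_user_salt(string $password): string {
    $salt = bin2hex(random_bytes(8));
    return $salt . hash_hmac('whirlpool', $password, $salt);
}

// Split the stored value back into salt and hash, recompute, compare in
// constant time.
function verify_per_user_salt(string $password, string $stored): bool {
    $salt = substr($stored, 0, 16);
    $expected = substr($stored, 16);
    return hash_equals($expected, hash_hmac('whirlpool', $password, $salt));
}

// Given username => stored value, return groups of users whose stored values
// are identical. This is what anyone holding a dumped table can see, and what
// an administrator can use to audit an existing shared-salt scheme.
function duplicate_hash_groups(array $table): array {
    $byHash = [];
    foreach ($table as $user => $stored) {
        $byHash[$stored][] = $user;
    }
    return array_values(array_filter($byHash, fn($users) => count($users) > 1));
}

// Constructed sample data: "alice" and "carol" chose the same password.
$users = ['alice' => 'Summer2024', 'bob' => 'correct horse', 'carol' => 'Summer2024'];
$sharedSalt = random_bytes(16);

// array_map with a single array keeps the username keys.
$sharedTable  = array_map(fn($p) => hash_shared_salt($p, $sharedSalt), $users);
$perUserTable = array_map('hash_per_user_salt', $users);

// Shared salt: alice and carol are grouped together without knowing the password.
print_r(duplicate_hash_groups($sharedTable));
// Per-user salt: identical passwords produce different stored values, so no groups.
print_r(duplicate_hash_groups($perUserTable));

// Verification still works with the per-user salt taken from the stored value.
var_dump(verify_per_user_salt('Summer2024', $perUserTable['alice']));
var_dump(verify_per_user_salt('wrong-password', $perUserTable['alice']));
```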