PHP Now Supports Argon2 Next-Generation Password Hashing Algorithm (bleepingcomputer.com) 94
An anonymous reader quotes Bleeping Computer: PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the language's support for cryptography and password hashing algorithms.
Of all changes, the most significant is, by far, the support for Argon2, a password hashing algorithm developed in the early 2010s. Back in 2015, Argon2 beat 23 other algorithms to win the Password Hashing Competition, and is now in the midst of becoming a universally recognized Internet standard at the Internet Engineering Task Force (IETF), the reward for winning the contest. The algorithm is currently considered to be superior to Bcrypt, today's most widely used password hashing function, in terms of both security and cost-effectiveness, and is also slated to become a favorite among cryptocurrencies, as it can also handle proof-of-work operations.
The other major change in PHP 7.2 was the removal of the old Mcrypt cryptographic library from the PHP core and the addition of Libsodium, a more modern alternative.
Of all changes, the most significant is, by far, the support for Argon2, a password hashing algorithm developed in the early 2010s. Back in 2015, Argon2 beat 23 other algorithms to win the Password Hashing Competition, and is now in the midst of becoming a universally recognized Internet standard at the Internet Engineering Task Force (IETF), the reward for winning the contest. The algorithm is currently considered to be superior to Bcrypt, today's most widely used password hashing function, in terms of both security and cost-effectiveness, and is also slated to become a favorite among cryptocurrencies, as it can also handle proof-of-work operations.
The other major change in PHP 7.2 was the removal of the old Mcrypt cryptographic library from the PHP core and the addition of Libsodium, a more modern alternative.
Jeez (Score:1)
I just got done converting everything to bcrypt!
Re:Oh, wow! (Score:5, Insightful)
Facebook, Laravel, Own/Nextcloud, Wikipedia, Wordpress, ... more than 80% of the web runs on PHP.
Re: (Score:1)
Uh... https://developers.slashdot.org/story/17/02/21/2039256/php-becomes-first-programming-language-to-add-modern-cryptography-library-in-its-core
Re: (Score:2)
And don't forget https://developers.slashdot.or... [slashdot.org]
Re: (Score:1)
CREIMER' SUBMISSIONS UPDATE: /. so make sure to go to:
Note also that creimer is trying to regain karma by getting his submissions published as articles on
https://slashdot.org/~cdreimer [slashdot.org]
and mod down his submissions as well. The great thing is that you don't even need mod points to mod down a submission, just click on the "minus" icon!
creimer wrote:
I don't bother with mod points. I'm doing something much more sinister. It took ten story submissions ? I'll have to double check the number ? to move cdreimer's karma from neutral to excellent without ever being exposed to the capricious mods. Mmmmmwwwwahahahahahahaha!
https://slashdot.org/comments.... [slashdot.org]
Danger, Will Robinson, Danger! Creimy is posting more than 2 posts a day. Hurry! mod down otherwise /. will go to hell again!
Note:
Re: (Score:3)
Facebook, Laravel, Own/Nextcloud, Wikipedia, Wordpress, ... more than 80% of the web runs on PHP.
I've heard of maybe half of those, I didn't realize all of them were still around.
I remember letting people run php on my shell/web server some 15 years ago. And how quickly the default installation was hacked and webpages were defaced. For me it wasn't worth the effort necessary to set it up properly.
Great (Score:4, Insightful)
So now all we have to worry about with PHP is everything else.
Re: (Score:2)
Which is the same for Ruby, Python, Perl, .Net, Java, Go and every other language. If you don't know how to code, the language doesn't matter.
Perhaps a more constructive comment next time ?
Re: (Score:1)
All languages have issues. But PHP is in a special category of bad. It is a language for and by hacks.
Re: (Score:2)
Just shows that core PHP developers are committed.
Still too easy to make mistakes, that's it's biggest flaw. Too many new programmers copy/pasting outdated code from examples on internet without understanding how it works, and it allows you to do pretty much everything. With proper design, and testing this is not an issue, but again.. many don't do a
Re: (Score:2)
Has the NSA been involved in this crypto scheme?
Re: (Score:2)
“There are only two kinds of languages: the ones people complain about and the ones nobody uses.”—Bjarne Stroustrup
Hashing (Score:2)
I usually store passwords salted and hashed 100 to 500 thousand times with SHA-256 or MD5.
Should I switch to this now ?
Re: (Score:3)
Dude, that's way too much sodium!
Re: (Score:2)
Which means it is a lossy type of compression. Deliberately lossy and very sensitive to small changes in the input (avalanche effect) but still a type of compression.
Re: (Score:2)
bcrypt is still great (Score:2)
My own tests with Argon2 prove that with it's lowest setting it loads my current server down too much for the hash rate I was getting with bcrypt. I do not have the ability to fine tune it's server load well enough at this point so I've not switched over password hashing to it at this time. Also, I have less free RAM than I'd like to allocate so the benefits of argon2 are significantly limited for me at this time... It is going to be a trade off between server resources and massively parallel GPU attacks a
Re: (Score:2)
"I usually store passwords salted and hashed 100 to 500 thousand times with SHA-256 or MD5.
Should I switch to this now ?"
Argon 2? No, Helium 3 is apparently the future.
Re: (Score:2)
Argon 2? No, Helium 3 is apparently the future
Not to mention that Russians have already been using Argon-16 for decades. So PHP is fourteen versions behind!
Re: (Score:2)
Care to elaborate ?
How is this supposed to work? (Score:1)
If I understand correctly, Argon2 is "memory hard" hashing. It takes a lot of memory to run efficiently in an effort to confound FPGAs and ASICs. How is this supposed to work in an embedded system such as IoT? Those devices are very tiny and might not have enough memory. Isn't delaying 1 second after a failed password attempt enough?
Re: (Score:2)
Please (Score:5, Insightful)
Author knows nothing about security. Updated crypto algorithms / libraries have next to nothing to do with application security.
How many apps are hacked through outdated crypto algorithms? Now how many are hacked through unchecked user input, careless key/password handling, privilege escalation, default passwords, sensitive files left in open locations, and other programming errors?
There's a reason OpenBSD is one of (if not the) most secure operating systems. Code audits, careful input / output checking, sane error handling, etc. It has nothing to do with crypto algorithms.
Re:Please (Score:5, Insightful)
Author knows nothing about security. Updated crypto algorithms / libraries have next to nothing to do with application security. How many apps are hacked through outdated crypto algorithms?
You've missed the point. This is a second line of defense intended to protect your users after your app has been hacked, when the attacker has dumped your database of password hashes. It helps to prevent them from using GPU-accelerated brute forcing to reverse user passwords that would then be plugged into other websites.
Re:Please (Score:5, Insightful)
Well... you have to remember the context. There was a time when php’s crypto was fundamentally broken, and its developers apparently debated whether they were going to fix it or not.
Php has had an abysmal security history - so these sorts of steps are important moves in the right direction.
That doesn't make PHP more secure (Score:2)
PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the language's support for cryptography and password hashing algorithms.
Adding new cryptography and hashing methods doesn't make the language itself more secure.
Re: (Score:2)
Compared to the limited and less secure hashing previously available, I'd suggest that it does make it more secure. It wouldn't address the other commonplace issues.
That's nice but Argon2 has problems (Score:1)
There was a mismatch between the specification and the example code/known answers.
Unless that's been fixed in the last few weeks anyone implementing Argon2 will get burned.
This is what makes PHP so powerful. (Score:3)
The PHP crew doesn't hesitate for a second to add in a feature that's useful. PHP gets the job done and that's why it's still holding it's ground even after each and every rails and node fad that comes along.
Re: (Score:2)
The reason I used PHP is because when I started my web site, I bought space on a shared server, and the only languages available were Perl and PHP. Perl was a PITA because of all the shebang lines (among other annoyances when you don't have admin rights).
In my case, much like JavaScript, I used it because it was really the only option -- not a good one.
Re: (Score:2)
Wait...really?
Perl is a PITA because you have to write "#! /usr/bin/env perl" at the top of your script instead of just mashing out a bunch of html mixed with code?
Re: (Score:2)
It is on shared hosts when they implement stupid security rules that break things. When I started I was just writing my own homepage and a simple BBS -- no way was I going to pay for dedicated hosting for that.
After more than a decade maybe things are different today, but back then, only PHP worked reliably.
Re: (Score:2)
There are plenty of people using Perl on shared hosts, so it really shouldn't be a problem. As far as modules go, I can't imagine what would be available in a default PHP that wouldn't be provided for Perl on a shared host, but there are plenty of ways to install local modules if need be. Heck, you can even install a full Perl distribution locally and avoid the system Perl entirely, which is something you cannot do with PHP. Also, Perl had CGI::Application (http://search.cpan.org/~markstos/CGI-Application-4