Friday, 22 December 2017

Internet Security III: Salting Your Hashes

I dream therefore I Am.

Salting your hashes helps protect against rainbow attacks. No I'm not making this up, this is fairly basic web security.

If you waded through my previous rambles on this topic you'll recall that hashing is a way of protecting user passwords. A hash is an algorithm that generates a very large number from data (often text). The hash represents the data, kind of like a fingerprint. Hashing can be used as a way to verify that data hasn't been tampered with - if the hash is transmitted with the data then you can hash the data yourself and check it matches what is expected. Hashing is also a way to check passwords without having to store the password. When a user supplies a password the password can be turned into a hash and compared with the stored hash. If the two hashes match then the user has supplied the right password and this can be done without having to store the password. This improves security because if you don't store the password you can't leak the password.

Unfortunately however, as I explained, this is vulnerable to a type of attack called a "brute force" attack. If an attacker knows the hashing algorithm in use they can simply try every possible password until they find the one that matches the hash. One way to reduce the risk of this is to use a very slow hashing algorithm, so that trying every possible password becomes very difficult.

Alas, the bad folk are as intelligent as the good folk. Our saving grace is that being good requires less deception which in the long run makes it more effective, the problem then is trust and there are various ways to establish trust or to co-operate with people without having to trust. All topics for future ruminations.

Although slow hashing protects against brute force in theory, there's another class of attack it doesn't prevent and these are called "rainbow table" attacks. (Don't ask me why, but I bet google knows - probably because a rainbow has all the colours.) As well as computers getting vastly faster (I refuse to use the word exponentially because it actually has a meaning and this aint it) storage has become vastly cheaper too. There are only a finite number of common slow hashing algorithms and if you want to be secure you ought to be using a well understood one. Sadly that means an algorithm known to your attacker too. For those not in the know, which now doesn't include all UK schoolkids below a certain age, an algorithm is a series of steps to achieve a result. Like a cooking recipe. I love that children are now taught this.

An attacker who knows what hashing algorithm you're using can pre-compute all the hashes of every possible password. This is called a rainbow table. It takes a lot of time and a lot of storage space, but once it's done it's done and then your one way hash is broken! The point of a one way hash is that it's easy to turn a password into a hash but hard to turn a hash back into a password. If you've calculated all the possible hashes of all the possible passwords then it's easy to go from a hash back to a password - you just look it up in your rainbow table!

This incidentally is why password security nowadays is mostly dependent only on the length of the password you pick. Working out all the possible hashes for a five character password is mahoosively easier than every possible hash for a ten character password. The comic-and-generally-all-round-genius XKCD recommends that instead of picking a password you should use a pass-phrase, and maybe throw in a number and symbol to throw off dictionary attacks (passwords comprised of words in the dictionary are common, so attackers try these first). Added to this "my-horse-only-p33s-in-the-bedroom" is much easier to remember than "f&fadjsd!!00ffr". The pass-phrase is dramatically more secure, simply because it's longer and it would take a million more computers for a million more years to break it (uhmm, approximately). This is why websites that have a maximum length for your password are being stupid as well as lazy. They've made a security decision to make lives easier on their database rather than making a security decision for security.

The way round this is to salt your hashes. Instead of hashing just the password you pick a random salt (a word or string of characters) and hash the password plus the salt. You need to store the salt alongside the hash, and always use it when checking the password. Now a rainbow attack doesn't work because each password has a different salt, so they'd need a different rainbow table for each "password plus salt" combination. So even if your database of password hashes plus salts leaks the attacker still has to compute or already have a rainbow table for every salt. Effectively you just made every password a lot longer, and longer in a different way for each password, making the required rainbow table required to break it vastly (exponentially?) bigger. At some point, as computers continue to get faster and storage cheaper, this will not be enough, but at that point you can migrate your database to a different hashing algorithm and a longer salt. There are established techniques (annoying to do but well understood) for this migration process.

At this point it seems right to mention that it's not just salted hashes I'm a fan of, but the current fad of salted caramel is right up my alley (if you know what I mean) and Christmas is nearly upon us!

You may also be interested in the following programming related articles:

"It's not so much that I don't fit in a box, it's more that I really resent being pushed into a box that I'd probably fit into if I wanted."

Tuesday, 19 December 2017

Internet Security II: Slowing Things Down

"You will not be punished for your anger; you will be punished by your anger." -- Buddhist proverb

Here's an interesting geeky snippet you probably don't know. The substantial part of progress in computing technology over the last handful of decades has been about making computers, and computational processes, faster and more efficient. However, there is one very important area of computing technology where significant improvements have been made in deliberately making things slower and less efficient (and no it's not Windows startup time - that's just a coincidence). Making the process more "computationally expensive" as us geeks like to say, just so that you think we're clever and will hopefully pay us more money.
By now some of my geek friends will already know what I'm talking about, because this actually is a rarity. Normally when we make things slower it's by mistake, there really are very few things we *try* to make slower. What I'm talking about is a facet of computer security to do with the processing of passwords.
Basic web security says that you never (ever) store user passwords. If you store a user password, however carefully, there's a chance it can be found. If you don't store the password it can't. Standard practise, which reduces rather than eliminates risk, is instead to store a "one way hash" (actually a salted one way hash, maybe another day I'll explain salting). A hash of a password is effectively a very, very large number, and everything in computers is a number when it comes down to it, that represents the password. Given a password typed in by the user you can put it through the algorithm that turns it into a hash and compare it with the stored hash. If they match then the user has supplied the right password and if it doesn't they haven't, and yes this means there is an infinitesimally small chance that by coincidence someone could supply a wrong password that happens to hash the same way - this is a tiny but literally calculated risk. This way you can still check if the user has given you the right password without having to actually store their password. It's called a one way hash because you can go from a password to a hash easily but not easily back from a hash to a password. Genius, right?
Except modern computers are astonishingly fast, and what's more nowadays you can trivially easily (honestly) use cloud computing to perform similar calculations on hundreds of computers simultaneously. So even with hashing in place it's possible to just try every possible password until you eventually find the right one. This is called a "brute force" attack. (There are a whole class of computing problems where "brute force" is the only known way of finding the best solution, these are called "NP hard" problems and they include the knapsack problem and the travelling salesman problem, which are problems delivery drivers have to solve every working day. Delivery drivers solve these problems a similar way to how programmers solve NP hard problems that they can't actually use brute force on because it's too slow; take a best guess and get on with it.)
The solution to the problem of cracking passwords by force, or at least the best amelioration to date, is to use a hashing algorithm that is really expensive. i.e. to make the process of checking if a password is correct "computationally expensive", very slow and requiring a lot of memory. So a brute force attack, whilst still theoretically possible becomes effectively impossible in practise. There you go, slowing things down for the good of all humanity.

For the true geeks amongst you, up until recently the recommended slow hashing algorithm was one called "PBKDF2". The latest hotness, I believe, is called "Argon2". Slow hashing is a rapidly changing field.

The looming scary monster on the horizon is not the ordinary progress of computing technology we've seen so far, you'd still probably have to have a million computers churning away until the heat death of the universe to crack some of our codes. The scary thing is the maybe-real-maybe-not-who-knows quantum computing which is gradually emerging. This takes a completely different approach to solving this kind of problem, and if we ever get it right. Well, that's a whole different kettle of ball games. The bottom line is that no-one knows what scary terrors await us on the other side of the future, and the only sensible thing to do in the meantime is make sure you enjoy today and cuddle the people you love. A lot.

You may also be interested in the following programming related articles:

"There's an Islamic teaching that one of the prayers that is never refused or not granted is one for true guidance and truth. It is, after all, the only key to open the door. Just ask.

Friday, 15 December 2017

Twagging and the Garden Hip Hop

Non-magical thinking on magickal topics.
Twagging was the Northern English vernacular for cutting school back when I was a wee nipper. Something I never did, nor did I ever receive a detention. Signs of a seriously misspent youth of which I am appropriately ashamed.

A pasttime I did indulge in was garden hopping. This involved finding a row of suburban dwellings with adjacent gardens separated by fences, normally six foot high. Just high enough for a kid to shinny over. So long as the fences at the start of the row and the end of the row are bordered by roads or paths it's possible to scramble from start to finish with the only obstacle between being a series of fences in various states of disrepair and angry occupants similarly in varying states of disrepair. Even if the occupants were in the garden and could see you coming they were usually surprised enough that you could get across their garden and into the next before they'd even decided they ought to try and stop you. Looking back to see their faces was fun but ill-advised as once you start you better not stop until you get to the end.

I don't think we ever got caught, and we rarely demolished too many fences along the way, but we certainly had some near misses. Such a great form of exercise and a hearty adrenaline kick to boot.

Of course as a young adult at university we had moved beyond such childish pasttimes to much more sophisticated means of entertainment. Bridge hopping was one of my favourite. We'd hire a punt on the river Cam and load it up with beer and marijuana. Many of the bridges on the river cam are just low enough that standing at the front of punt it's possible to pull yourself up onto the bridge, dash to the other side and get back into the punt before it has moved out of range.

How hard this is depends on just how much of the beer and marijuana you've consumed, and just how much your friends want to see you dunked in the cam by getting the punt far enough out of reach before you can get back in.

Such fun.

"I know I am wrong in so many ways, but I'm willing to be right wherever it may take me and whatever it may cost me."