Question
Given a TOTALLY HYPOTHETICAL scenario in which passwords for over a million accounts in over 200 databases have been stored using 3DES, a key derived from a (single) MD5 hash of a customer-controlled (rarely changed from the default) pass-phrase, a hard-coded IV (the same for every account in every database), and a cipher mode of CFB...
Would it be safe enough (and not totally asinine) to wrap a separate hash mechanism (and salt) around the old encrypted value to introduce some concept of security? If so, would it then be possible to determine whether the resulting stored password is the new type or the old type?
My end goal is better password security and the ability to, on a per-user basis, update their password to the new model immediately after they authenticate.
Explanation / Answer
Start by naming the current password type (perhaps 3des-cfb) and storing that value on each record as an additional column in the database.
You can now start updating existing records. Enumerate over the values in reasonably sized chunks and hash them securely. bcrypt is a good choice. Store the bcrypted value in the database and change the password type for each modified record to something uniquely reflecting the combination of the two (perhaps 3des-cfb+bcrypt).
Now your passwords are at least securely stored, even if it's a bit of a contrived algorithm. Best at this point would be to simply re-hash user passwords on login with just bcrypt, and update the password type to match (e.g., now just bcrypt).
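The three-stage migration described in the answer, as an added example that is not part of the original answer: a per-record `type` column, an offline batch step that wraps the legacy ciphertext in a salted slow hash, and a login path that verifies whichever format the record is in and then re-hashes the plaintext password directly. Two stand-ins are assumed because neither 3DES nor bcrypt is in the Python standard library: `legacy_transform` is an HMAC standing in for the deterministic 3DES-CFB-with-fixed-IV encryption (the migration only relies on the legacy value being deterministic), and `slow_hash` is PBKDF2-HMAC-SHA256 from `hashlib` standing in for bcrypt, so the type names read `3des-cfb+pbkdf2` and `pbkdf2` instead of the answer's `3des-cfb+bcrypt` and `bcrypt`. All record contents are constructed for the example.

```python
import hashlib
import hmac
import os

# Hypothetical legacy parameters (constructed for this example).
LEGACY_PASSPHRASE = b"default-passphrase"
LEGACY_KEY = hashlib.md5(LEGACY_PASSPHRASE).digest()  # legacy scheme: key = MD5(pass-phrase)

# Password type values stored in the per-record "type" column.
TYPE_LEGACY = "3des-cfb"          # raw legacy ciphertext
TYPE_WRAPPED = "3des-cfb+pbkdf2"  # legacy ciphertext wrapped in a salted slow hash
TYPE_MODERN = "pbkdf2"            # plaintext password hashed directly


def legacy_transform(password: str) -> bytes:
    """Stand-in for the legacy 3DES-CFB encryption with a hard-coded IV.

    The real transform is not reproduced (no 3DES in the standard library).
    The property the migration depends on is that it is deterministic: the
    same password always yields the same stored value, with no per-user salt.
    """
    return hmac.new(LEGACY_KEY, password.encode("utf-8"), hashlib.sha256).digest()


PBKDF2_ITERATIONS = 200_000  # stand-in for bcrypt's work factor


def slow_hash(data: bytes, salt: bytes) -> bytes:
    """Salted slow hash (PBKDF2-HMAC-SHA256 standing in for bcrypt)."""
    return hashlib.pbkdf2_hmac("sha256", data, salt, PBKDF2_ITERATIONS)


def encode_salted(salt: bytes, digest: bytes) -> str:
    return salt.hex() + "$" + digest.hex()


def decode_salted(value: str):
    salt_hex, digest_hex = value.split("$", 1)
    return bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)


def make_legacy_record(password: str) -> dict:
    """Build a record as the legacy system would have stored it (sample data)."""
    return {"type": TYPE_LEGACY, "value": legacy_transform(password).hex()}


def wrap_legacy_record(record: dict) -> dict:
    """Batch step, run without the user's password: wrap the stored legacy
    ciphertext in a fresh salt and the slow hash, and mark the record."""
    if record["type"] != TYPE_LEGACY:
        return record  # already migrated; idempotent
    salt = os.urandom(16)
    legacy_value = bytes.fromhex(record["value"])
    record["value"] = encode_salted(salt, slow_hash(legacy_value, salt))
    record["type"] = TYPE_WRAPPED
    return record


def verify_and_upgrade(record: dict, password: str) -> bool:
    """Login path: verify against whichever format the record holds, then
    re-hash the plaintext directly and drop the legacy layer entirely."""
    kind = record["type"]
    if kind == TYPE_LEGACY:
        ok = hmac.compare_digest(legacy_transform(password).hex(), record["value"])
    elif kind == TYPE_WRAPPED:
        salt, digest = decode_salted(record["value"])
        ok = hmac.compare_digest(slow_hash(legacy_transform(password), salt), digest)
    elif kind == TYPE_MODERN:
        salt, digest = decode_salted(record["value"])
        ok = hmac.compare_digest(slow_hash(password.encode("utf-8"), salt), digest)
    else:
        return False  # unknown type: fail closed

    if ok and kind != TYPE_MODERN:
        # Password is known to be correct and is in hand: upgrade on the spot.
        salt = os.urandom(16)
        record["value"] = encode_salted(salt, slow_hash(password.encode("utf-8"), salt))
        record["type"] = TYPE_MODERN
    return ok


if __name__ == "__main__":
    rec = make_legacy_record("correct horse battery")
    wrap_legacy_record(rec)
    print(rec["type"])                                   # 3des-cfb+pbkdf2
    print(verify_and_upgrade(rec, "correct horse battery"), rec["type"])  # True pbkdf2
```

Note that two users with the same password hold identical `3des-cfb` values (fixed IV, no salt), which is exactly what the wrapping step fixes: after `wrap_legacy_record` their stored values differ because each gets its own salt, and after first login the legacy layer is gone from the record. Deployed for real, `slow_hash` would be bcrypt (or another dedicated password hash) and `legacy_transform` the actual 3DES-CFB decryption-free re-encryption used to compare against the stored ciphertext.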