Hey,
I wrote about this in boinc_projects but felt it would be appropriate to
also post it in the boinc_dev mailinglist before raising an issue in the
BOINC github:
http://lists.ssl.berkeley.edu/mailman/private/boinc_projects/2016-September/011834.html
Topic of discussion: The current BOINC project user password
hashing process!
Upon creating an account, the user's password is hashed as an md5 &
salted with their email address:
https://github.com/BOINC/boinc/blob/master/html/user/create_account_action.php#L107
If a BOINC server was fully compromised, the attacker would have access
to all users' email addresses in the SQL table (entirely negating the
salt's effectiveness) leaving the password only protected by an md5 hash.
I looked up whether or not an md5 password hash is sufficient
protection, and the overwhelming response was a resounding no:
https://security.stackexchange.com/questions/19906/is-md5-considered-insecure
"Using salted md5 for passwords is a bad idea. Not because of MD5's
cryptographic weaknesses, but because it's fast. This means that an
attacker can try billions <http://hashcat.net/oclhashcat-plus/> of
candidate passwords per second on a single GPU."
I realise that switching to a different password hashing mechanism for
an existing BOINC account wouldn't be possible without resetting the
entire user base's passwords via email (which would be a nightmare), but
for a new BOINC project would it not be advisable to switch to using a
more secure password hashing process such as Bcrypt or PBKDF2 for
password hashing?
Looking further into this, using boinc-server-docker provides php v5.6 &
in php v5.5 they introduced simple password hashing functionality
(password_hash(), password_verify(), etc) which implements bcrypt which
is significantly more secure than md5 & it wouldn't be adding crazy
amounts of new code nor external libraries.
https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016
(see the php section, pretty simple!)
https://stackoverflow.com/questions/4795385/how-do-you-use-bcrypt-for-hashing-passwords-in-php
If we were to migrate from 5.6 to 7.0+ in the future
(https://secure.php.net/manual/en/migration70.php would it pose a
significant challenge?), we could also switch to Argon2 instead of
bcrypt as default: https://password-hashing.net/ (Also worth checking
out the other entries).
Thoughts regarding this? I'm going to try using Bcrypt in my 'Project
Rain' project.
Cheers :)
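
Added example, not part of the original message and not BOINC code: the legacy MD5 scheme described above next to password_hash()/password_verify() as a new project could use them on PHP 5.5+. The function names, the sample account, the cost values and the exact concatenation order in legacy_hash() are assumptions.

```php
<?php
// Added example, not BOINC code. Function names and sample values are hypothetical.

// Legacy scheme as described in the post: MD5 of the password salted with the
// e-mail address. Concatenation order and lower-casing are assumptions.
function legacy_hash($password, $email) {
    return md5($password . strtolower($email));
}

// New-project scheme: bcrypt via password_hash(). It generates a random
// per-hash salt and encodes algorithm, cost and salt in the returned string,
// so no separate salt column is needed.
// Caveat: bcrypt only uses the first 72 bytes of the password.
function create_password_hash($password, $cost = 12) {
    return password_hash($password, PASSWORD_BCRYPT, ['cost' => $cost]);
}

// Login check. Returns [ok, replacement_hash]; replacement_hash is non-null
// when the stored hash was made with weaker parameters than the current ones,
// so the caller can write the stronger hash back to the user table.
function check_login($password, $stored_hash, $cost = 12) {
    if (!password_verify($password, $stored_hash)) {
        return [false, null];
    }
    $replacement = null;
    if (password_needs_rehash($stored_hash, PASSWORD_BCRYPT, ['cost' => $cost])) {
        $replacement = create_password_hash($password, $cost);
    }
    return [true, $replacement];
}

// Constructed sample data.
$email    = 'volunteer@example.org';
$password = 'correct horse battery staple';

// Same password + same e-mail always yields the same fast MD5 digest.
echo "legacy: ", legacy_hash($password, $email), "\n";

// Two bcrypt hashes of the same password differ because the salt is random.
$stored = create_password_hash($password, 10);
echo "bcrypt: ", $stored, "\n";
echo "bcrypt: ", create_password_hash($password, 10), "\n";

// Correct password against a cost-10 hash while the site now wants cost 12.
list($ok, $replacement) = check_login($password, $stored, 12);
var_dump($ok, $replacement !== null);

// Wrong password is rejected and no replacement hash is produced.
list($ok, $replacement) = check_login('wrong guess', $stored, 12);
var_dump($ok, $replacement);
```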