How to automatically generate salt for crypt method with blowfish

5
votes

I have just started learning PHP and I want to create a website with a login for my final year university project. I've read that blowfish is the best method for hashing in a number of places like here: openssl_digest vs hash vs hash_hmac? Difference between SALT & HMAC?

Everywhere I read about the crypt method includes a string like $2y$07$usesomesillystringforsalt$ My main question is: how do I randomly generate this? I've read in places that time stamps and mt_rand() are not secure.

Also I've heard AES is the preferred technology recently but from what I can see it seems pretty tricky to implement in PHP! Is blowfish still an acceptable method to secure stored passwords?

3
phppasswordsblowfishcrypt
Its not randomly generated its $algo$cost$salt$ where salt is its perfectly safe to use microtime affixed with your domain name sha1'nd substr(salt,0,21) as anymore then 21 chars will be dropped. Perhaps something I made early will interest you php-pdo-secure-login-script-exampleLawrence Cherone

3 Answers

6
votes

A salt should be unique (for each password) and unpredictable. These two criterias are a bit difficult to fulfill with a deterministic computer, so the best thing you can do is, to use the random source of the operating system, to generate the salt.

Time stamps, as well as the mt_rand() function, are not ideal, because one can argue that they are predictable. At least an attacker can narrow down (and therefore precalculate) the possible combinations for a certain period. While this may not have a big impact in practice, why not do the best you can?

Since PHP 5.3 you can safely use the mcrypt_create_iv() function to read from the random source, then you will have to encode the binary string to the allowed alphabet. This is a possible implementation.

PHP 5.5 will have it's own functions password_hash() and password_verify() ready, to simplify this task. There is also a compatibility pack for PHP 5.3/5.4 available, downloadable at password_compat.

5
votes

For PHP version 5.3.7 or higher I belive this is the best:

$blowfish_salt = "$2y$10$".bin2hex(openssl_random_pseudo_bytes(22));

For PHP version 5.5 or higher just use the new password_hash() function with automatic salt creation.

3
votes

Blowfish is still acceptable, and preferred over fast-hashing methods.

The point of a salt is to prevent precomputed table attacks. As long as you have a non-trivial salt, like the microtime, you have thwarted any precomputed tables that didn't happen to use that exact salt.