Reverse path hash_hmac

Viewed 126 times

0

Is it possible to reverse the following function?

hash_hmac('sha512', $password . $user_salt, $this->salt)

I am recovering users from an application into a new one and need to recover the passwords to register them with the encryption that I use. I’ve searched the net, and I can’t find anything concrete.

  • 2

    You need to see if the "new encryption you use" is good, first of all (nothing homemade, except if you’re part of a great team of cryptographers) - I mentioned this, because as you said in reverse, I hope your solution doesn’t have it.

  • 1

    I think this reading might be interesting: How to hash passwords securely

  • Actually the one I’m going to use is PHP’s crypt() function and a salt that comes from a server in the US when it comes to creating the user. I can’t change the encryption method. I’ve never used it that way.

1 answer

3


No, at least it was designed so you can’t reverse it. However, HMAC is not intended for passwords, so the only way we have to recover the value can be a little faster.

HMAC is a keyed hash; it can be used for message authentication (MAC) and can also be used for key creation (KDF). Its use here is neither, since it is using a password and not a key; for this purpose there is PBKDF2, which can use HMAC internally.


The only way to reverse this value is an exhaustive search, trying all possible candidates; this can be done using Hashcat. But this is not so fast, especially if there are many passwords: using 8x GTX 1080 Ti, this will make 4.300.000 attempts per second on average.


But if your intention is to "register in the encryption I use", you can simply register the hash and signal that that user is using an old password.

For example, if you use hash_hmac and now want to change to argon2id, you currently have something like:

Usuario | Senha    | Salt
Inkeliz | 0x00..00 | 0xFF...FF

Then just hash the hash:

Senha = argon2id(senha = 0x00..00, salt = 0xAF...AF)

So, supposing that Senha returned 0xAA...AA, just use it and add a flag:

Usuario | Senha    | Salt      | SaltAntigo
Inkeliz | 0xAA..AA | 0xAF...AF | 0xFF...FF

SaltAntigo could be a Boolean (true/false), for example EstaUsandoSenhaAntiga?. But we can also use it to store the old salt; if it is null, that indicates the account does not use the old scheme. If you intend to keep the same salt, then you could even use a Boolean. ;)

So if another user signs up recently:

Usuario | Senha    | Salt      | SaltAntigo
Inkeliz | 0xAA..AA | 0xAF...AF | 0xFF...FF
Novo    | 0xAB..AB | 0xBF...BF | null

That way, for example:

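$senha = $_POST['senha'];

// Legacy account: rebuild the old HMAC value first.
// hmac(), argon2id() and query() are placeholder helpers, not PHP built-ins.
if ($salt_antigo !== null) {
    $senha = hmac($senha, $salt_antigo);
}

$senha = argon2id($senha, $salt);
//...

// If everything checks out and we have the user's password,
// we can update the account to use the new algorithm directly:

$nova_senha = argon2id($_POST['senha'], $novo_salt);
// Bound parameters and a WHERE clause so that only this account is updated
// ($usuario, the account being logged in, is an assumed variable).
query("UPDATE contas SET Senha = ?, Salt = ?, SaltAntigo = NULL WHERE Usuario = ?",
      [$nova_senha, $novo_salt, $usuario]);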

This way everyone uses the new algorithm; those who use the old one will be updated to the new one as they enter the site. ;)

  • So it has almost 3000 users. I need to move to my application. But I think I’ll check if you use an old criminal record, if you log in with that method, otherwise log in with my encryption.

  • And in the other application I have to import ta with 12104 users with the same hashing. In the import of the application in the US the programmers decided to reset everyone’s password and force the reset, more think the disorder and great.

  • This renew-on-login solution is one of the most "smooth" and does not bother the user. What you can do is specify a deadline and, after a while, send a warning to those who have not yet logged in to the system.

  • Dude. I hadn’t really noticed your answer. But it was partly what I was thinking of doing. But I had not imagined changing the encoding since I knew the correct password. Really right. Thank you.
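
The renew-on-login migration described in the answer above, written out as an added example (not code from the original answer or its author). It assumes a PHP build with Argon2 support and uses password_hash()/password_verify(), which keep the Argon2 salt inside the hash string, so no separate Salt column is needed; the function names, array keys and sample values are constructed for illustration.

```php
<?php
// Added illustration; function names, array keys and sample values are assumptions.

// Old scheme from the question: HMAC-SHA512 keyed with the application salt.
function legacy_hash(string $password, string $userSalt, string $appSalt): string
{
    return hash_hmac('sha512', $password . $userSalt, $appSalt);
}

// Import: wrap the stored legacy hash; the plaintext password is never needed.
function wrap_legacy(string $legacyHash, string $userSalt): array
{
    return [
        'senha'       => password_hash($legacyHash, PASSWORD_ARGON2ID),
        'salt_antigo' => $userSalt, // non-null means "still wrapped"
    ];
}

// Login: returns [ok, row]; on success a wrapped row is replaced by a direct hash.
function verify_and_upgrade(string $password, array $row, string $appSalt): array
{
    $wrapped   = $row['salt_antigo'] !== null;
    $candidate = $wrapped
        ? legacy_hash($password, $row['salt_antigo'], $appSalt)
        : $password;

    if (!password_verify($candidate, $row['senha'])) {
        return [false, $row]; // wrong password: row is left untouched
    }
    if ($wrapped || password_needs_rehash($row['senha'], PASSWORD_ARGON2ID)) {
        $row = [
            'senha'       => password_hash($password, PASSWORD_ARGON2ID),
            'salt_antigo' => null,
        ];
    }
    return [true, $row];
}

// Constructed sample data: one imported account, then three login attempts.
$appSalt = 'constructed-app-salt';
$row = wrap_legacy(legacy_hash('correct horse', 'u1-salt', $appSalt), 'u1-salt');

foreach (['wrong guess', 'correct horse', 'correct horse'] as $attempt) {
    [$ok, $row] = verify_and_upgrade($attempt, $row, $appSalt);
    printf("%-14s ok=%s wrapped=%s\n", $attempt,
        var_export($ok, true), var_export($row['salt_antigo'] !== null, true));
}
```

The caller persists the returned row for that one account, using a parameterized UPDATE with a WHERE clause on the user.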
