0

UPDATE
Found an answer here: Recommended way of adding a pepper/secret key to password before hashing?

After reading https://security.stackexchange.com/questions/211/how-to-securely-hash-passwords and doing some research I wrote some code that does the following:

  1. Generate 128 bit Salt using Cryptographically secure pseudorandom number generator
  2. Give Password and Salt to PBKDF2 implementation
  3. Store the 32 Byte hash as the password

I would also like to include a private key as part of the process, but I'm not sure where it fits. I've used HMAC (SHA 256) in the past to authenticate a message so I was thinking either:

  1. Append the private key to the salt and pass the 256 bit result through the algorithm of choice ( PBKDF2 , bCrypt , Argon2)
  2. Apply a HMAC (SHA 256) password then pass that to the algorithm of choice ( PBKDF2 , bCrypt , Argon2)
  3. Something else??

I want to make sure I am using the private key properly in the context of password hashing. Any suggestions or comments are greatly appreciated.

Thank you

Community
  • 1
  • Why do you want to do this? Hash functions are one way. Adding symmetrical encryption to this doesn't help. My advice is to use standard practices (current best practice is just to use bcrypt with good work level - PDKDF2 is a little more vulnerable to brute forcing, scrypt isn't quite accepted yet, though either of those two are also considered "fine") –  Jan 11 '17 at 14:50
  • I want to have a private key stored on a separate sever in case the database is compromised. –  Jan 11 '17 at 14:58
  • That's what the hashing does for you - the passwords are unrecoverable (assuming you use appropriate standards) even an attacker has the database, including the hashes. The hashes are one-way and those ones, especially bcrypt and scrypt, as specifically designed to be resistant to exactly this situation. –  Jan 11 '17 at 15:02
  • I'd like to use bcrypt but I cant find a verified version of the algorithm implemented in .NET. I'm not adding symmetrical encryption, I'm adding a private key to the Hash - it's probably fine not to do this but I am asking the question to see how would be the best method if I was to implement the private key. –  Jan 11 '17 at 15:15
  • Note that we generally try and talk about a secret key when it comes to symmetric cryptography. You can argue about this in your case, as you don't need to share the secret. The secret value is called a pepper in this particular case, though (to make it even more interesting). Most people here reserve the word "private" for private keys in asymmetric public / private key pairs. – Maarten Bodewes Jan 12 '17 at 08:09

0 Answers0