
As I pointed out on another post yesterday, there's no central repository for security information. Everyone is left up to their own devices to determine the current best practices. And then implement them. The fact that it was 'started' a year after AES doesn't really mean much. (And 'started' or 'launched'? Those are quite different.)



Sorry but I don't agree here.

If you have to develop a secure solution, you do some research and choose what you think is a good solution (and if it is something outside your field, you study/ask).

In 2001 I had to implement a secure solution for a mobile platform; I chose Rijndael (then picked by NIST for AES). My previous knowledge of encryption algorithms was near zero.

And then if you make the wrong decision, on something as important as security for a public website, over the years you iterate (come on, till 2003 nobody internally thought it was a must to fix this mess?).


> If you have to develop a secure solution you make some research and choose what you think is a good solution (and if it is something outside your field you study/ask)

If everyone did this we wouldn't have these discussions so often. The problem is that people think they know about crypto, and think they know what they're doing, and probably won't believe otherwise until they get smashed wide open like this. This applies to almost all areas of knowledge, it's just particularly damaging in crypto as it's arcane and very sensitive to changes, often in very subtle ways.


It's worse than that - I admit I know very little about crypto.

So when it comes to implementing a password storage system I read up a bit, get confused, ask a couple of people and get different answers back.

It's the "get confused" bit that's dangerous. As you say, the differences are quite subtle and (for me at least) when they are being explained make perfect sense, but ten minutes later have become an uncrackable cipher all of their own.


I'm not sure what advice to give you. You commonly see advice to outsource your security, to other libraries, the idea being these are more likely to be correct than you. However, there have been some pretty high profile mistakes in common crypto libraries too! If there's anything specific you have in mind, I'd be happy to field questions (and hopefully other HN users will correct me in the event I'm wrong!)


Cheers (that's why I love this place).

At the moment I use Authlogic in Rails, which uses SHA512 by default (SHA512 is built into the Ruby core libs).

But I also notice that it's quite easy to switch to bcrypt (using the bcrypt gem).

Is it worth switching? Or at least using that as my default on new apps?


What is it being used for, and how is it being used? I'm guessing this is password hashes. Is Rails using a unique salt for each password?

Bcrypt is slower than SHA512; in fact it can be made very slow. This is actually ideal for password hashes: it doesn't matter if it takes your server 50 milliseconds to calculate a password hash, but that would severely slow down an attack.

It is important, however, that they are being used correctly. Either would be a good solution if properly salted.
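The exchange above (fast salted SHA512 versus a deliberately slow, tunable password hash, with a unique salt per password) as an added Ruby example; this is not code from the thread, from Authlogic or from the bcrypt gem. Because bcrypt is not in Ruby's standard library, the slow hash here is PBKDF2-HMAC-SHA512 from OpenSSL, and its iteration count stands in for bcrypt's cost factor; the record format, function names and the timing probe are assumptions made for the example.

```ruby
require 'digest'
require 'openssl'
require 'securerandom'

# Added example, not from the thread. Contrasts a fast salted SHA-512 hash with a
# deliberately slow, cost-tunable hash, and shows per-user salts plus a verify step.
# bcrypt is not in Ruby's standard library, so the slow hash is PBKDF2-HMAC-SHA512
# from OpenSSL; its iteration count plays the role of bcrypt's work factor.

# Fast: one SHA-512 call per guess, so an attacker can test guesses at full hash speed.
def sha512_hash(password, salt)
  Digest::SHA512.hexdigest(salt + password)
end

# Slow: cost scales linearly with +iterations+, which the defender chooses.
def slow_hash(password, salt, iterations)
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: iterations,
                           length: 64, hash: 'sha512').unpack1('H*')
end

# Each stored password gets its own random salt, so two users with the same
# password produce different records and cannot be cracked with one table.
# Record format (assumed for this example): scheme$iterations$salt$digest
def store_password(password, iterations: 100_000)
  salt = SecureRandom.hex(16)
  "pbkdf2-sha512$#{iterations}$#{salt}$#{slow_hash(password, salt, iterations)}"
end

# Compare hex digests without stopping at the first differing byte.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Recompute the hash with the salt and cost stored in the record, then compare.
def verify_password(password, record)
  scheme, iterations, salt, digest = record.split('$')
  return false unless scheme == 'pbkdf2-sha512' && salt && digest
  constant_time_equal?(slow_hash(password, salt, iterations.to_i), digest)
end

# Seconds for one hash at a given cost: a few tens of milliseconds is harmless
# on a login form but multiplies the attacker's work per guess by the same factor.
def seconds_per_hash(iterations)
  t0 = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  slow_hash('timing-probe', 'fixed-salt', iterations)
  Process.clock_gettime(Process::CLOCK_MONOTONIC) - t0
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample input.
  record = store_password('correct horse battery staple')
  puts record
  puts "verify ok:    #{verify_password('correct horse battery staple', record)}"
  puts "verify wrong: #{verify_password('Tr0ub4dor&3', record)}"
  [1_000, 100_000].each do |n|
    printf("%7d iterations: %.4f s per hash\n", n, seconds_per_hash(n))
  end
end
```

Storing the iteration count inside the record is what lets the cost be raised later for new and re-hashed passwords without breaking verification of old ones, which is the same reason bcrypt embeds its cost factor in its output string.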



