Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Tighten.co Blog:
APP_KEY And You
Sep 26, 2018 @ 09:49:21

On the Tighten.co blog there's a tutorial posted from Jake Bathman for the Laravel users out there covering the APP_KEY value - what it is and how its used in your application.

A recent Laravel security update fixed an issue with how APP_KEY is used. For someone to exploit this issue, they'd need to have access to the production APP_KEY. The simplest fix for the exploit is to rotate (change) your APP_KEY. That led some of us at Tighten to ask the question: What does the app key do? What is involved in rotating it? What are best practices for managing these keys for our Laravel applications?

In this post, we'll talk about what APP_KEY does and doesn't do, some common misconceptions about its relationship to user password hashing, and the simple steps to changing your APP_KEY safely without losing access to your data.

Before diving in too deep, he reminds the reader about a security release Laravel recently made to correct an issue with APP_KEY handling (and the recommendation to rotate it). It then moves on to talk about what the setting is, how to generate a new one and its use in cookies. It also tries to dispel myths around:

  • its use for password hashing (it's not)
  • where it is used for encryption
  • rotating the key
  • multi-server use

It also makes a recommendation of the process to use for currently encrypted data that was created using the previous APP_KEY value and how to re-encrypt.

tagged: appkey laravel tutorial myth encryption hashing

Link: https://tighten.co/blog/app-key-and-you

DeliciousBrains.com:
PHP Encryption Methods for Passwords & Other Sensitive Data
Sep 19, 2018 @ 09:20:39

On the Delicious Brains site, there's a new tutorial posted sharing some of the methods included with PHP to improve protection of sensitive data using encryption.

I recently attended Laracon EU 2018 where Marcus Bointon gave a great talk on Crypto in PHP 7.2. I left the talk having a much greater appreciation for how vastly complicated cryptography is, but also for how PHP is making encryption more accessible thanks to the introduction of Sodium. Data encryption in PHP is something I’ve been working on as part of my work on SpinupWP so I thought it was time I shared a few insights. Buckle up, because this could be a bumpy ride!

The author then spends the remainder of the article covering the different types of encryption that are included with recent versions of the PHP language:

  • one-way hashing (such as the bcrypt password hashing functionality)
  • secret key encryption (symmetric)
  • envelope encryption (such as Google's KMS)

Code examples are provided to show each of the types in action and links are also included for more information on several related topics/resources.

tagged: encryption tutorial hashing symmetric envelope kms google

Link: https://deliciousbrains.com/php-encryption-methods/

PHP Roundtable:
054: Security: Encryption, Hashing and PHP
Nov 07, 2016 @ 11:16:47

The PHP Roundtable podcast, hosted by Sammy Powers, has posted their latest episode covering Security: Encryption, Hashing and PHP. This time Sammy is joined by guests Scott Arciszewski, Chris Riley and Chris Cornutt.

We chat about security in the the PHP community, encryption & hashing in PHP and a new-hotness crypto library called libsodium.

You can catch this latest episode in a few different ways: either using the in-page audio or video player or you can watch it directly over on YouTube. If you enjoy the show, be sure to subscribe to their feed and follow them on Twitter for updates when new shows are being recorded and released.

tagged: phproundtable podcast video security encryption hashing sammypowers

Link: https://www.phproundtable.com/episode/security-encryption-hashing-and-php

Dries Vints:
Two tips to speedup your Laravel tests
Aug 25, 2016 @ 09:15:48

In this recent post to his site Dries Vints shares two quick tips you can use to help speed up the execution of the tests for your Laravel application.

I've seen two different tips for speeding up your tests in Laravel in the past week and thought I'd share them with you. For me, they made a significant impact on the speed of my tests.

His two tips involve lowering the "cost" factor on the number of "rounds" the user password is hashed and the use of a pre-computed hash in your testing factories. These both help reduce the overhead needed, especially when working with tests that need to create the user every time. He includes code and reference links for more information about these two tips and applying them in your testing.

tagged: speed performance laravel test hashing rounds precomputed

Link: https://driesvints.com/blog/two-tips-to-speedup-your-laravel-tests/

Paragon Initiative:
You Wouldn't Base64 a Password - Cryptography Decoded
Aug 10, 2015 @ 12:33:43

The Paragon Initiative has posted an article about cryptography, introducing some of the basic concepts and explaining why "you wouldn't base64 a password" to adequately protect it in your application.

If you feel that cryptography is a weird, complicated, and slightly intimidating subject for which your feelings might be best described as lukewarm (on a good day), we hope that by the time you finish reading this page, you will have a clear understanding of the terms and concepts people use when this topic comes up.

He starts with some of the basics around hashing (keyless cryptography) and the advantages/disadvantages of the method. He moves from there a step up and gets into secret key cryptography, using things like HMAC hashing to ensure message validity. The next move up is to secret key encryption, using some kind of "secret" as a part of the encryption process along with the right algorithm and mode for the encryption level desired. He also covers authenticated key encryption, public key encryption, shared secrets and digital signatures. He ends the post covering some of the common pitfalls of using cryptography in things like password storage, file verification and a reminder that encoding (like base64 encoding) and compression aren't encryption.

tagged: encryption introduction cryptography base64 decoded tutorial hashing

Link: https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded

IBM developerWorks:
PHP renewed: Password security in modern PHP
Apr 17, 2015 @ 08:53:15

The IBM developerWorks site has a new tutorial posted talking about how PHP has been "renewed" in recent versions, more specifically in the password security department.

When PHP was first crafted in the mid-1990s, the term web application didn't even exist yet. Password protection, then, wasn't one of the features that the PHP creators devoted resources to. After all, you didn't need to worry about passwords when you used PHP just to put a site-visit counter or a date-modified stamp on your web page. But 20 years have passed, and now it's almost unthinkable to create a web application that doesn't involve password-protected user accounts. It's of the utmost importance that PHP programmers safeguard account passwords by using the latest and most secure methods.

The article goes on to talk about the importance of using secure hashing methods for password storage, the speed at which "cracking" programs can run and the use of "rainbow tables". It then gets into some of the older methods commonly used for password storage and protection and shows how to refactor them into the new password hashing functionality introduced in PHP 5.5.

tagged: password security hashing renewed modern language release

Link: http://www.ibm.com/developerworks/web/library/wa-php-renewed_2/index.html

Anthony Ferrara:
Why I Don't Recommend Scrypt
Mar 13, 2014 @ 10:11:59

Anthony Ferrara has a new post today looking at password hashing and a type of hashing that's beginning to get more attention in the PHP community - scrypt. However, he doesn't recommend it for production password storage and shares his reasoning why.

Scrypt was not designed for password storage. It was designed as a key derivation function for generating keys from weak material (namely passwords). The prime type of attack that scrypt is designed to defeat is ASIC based attackers. It is not designed to try to favor CPU over GPU (and thereby defeat GPU based attacks). It is this fact that we can leverage to gain an advantage when used as a password hashing mechanism.

He covers some of the basic design decisions that were made when scrypt was created. He also points out that none of the results of these decisions are strictly fatal, they just make it a bit weaker than something like bcrypt for password storage. He goes through the basic inputs scrypt requires and includes a quick snippet of code (not PHP, but easy to understand) showing its use. He talks about its "chain of 4 operations" and gets into what he sees as limitations: loop unrolling and the tune-able reduced memory usages. He finishes off the post mentioning that scrypt is still secure, but despite this he doesn't recommend it for password storage specifically.

tagged: scrypt recommend hashing password

Link: http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html

SitePoint PHP Blog:
Risks and Challenges of Password Hashing
Mar 11, 2014 @ 09:31:45

The SitePoint PHP blog has a new post today about the challenges of password hashing and some of the common risks that can come with it. It's a continuation of a previous article about the actual techniques for hashing in PHP.

The fact that the output of a hash function cannot be reverted back to the input using an efficient algorithm does not mean that it cannot be cracked. Databases containing hashes of common words and short strings are usually within our reach with a simple google search. Also, common strings can be easily and quickly brute-forced or cracked with a dictionary attack.

He points to a video demonstrating a method for getting the password data and why just salted hashes aren't a secure method for storing this information. He mentions a "randomness issue" (and PHP's rand function). Instead, he shows an example with openssl_random_pseudo_bytes o pull a chunk of randomized data. He then talks some about password stretching using the PBKDF2 handling in PHP. Finally, he goes past the hashing and gets into encryption, mentioning "password tweaking" as an alternative to generating a single key for every user.

tagged: password hashing encryption challenge risk tutorial

Link: http://www.sitepoint.com/risks-challenges-password-hashing/

Jeremy Kendall:
PHP Password Hashing: A Dead Simple Implementation
Jan 08, 2014 @ 11:48:23

In this recent post to his site Jeremy Kendall shares some of his thoughts about password hashing and a new library he's written to help make it simpler - event with an existing password hashing method in place.

We all know to encrypt passwords for highest level of security. Unfortunately, too many do it [the wrong way]. While there was never any excuse for getting it that wrong, there’s now no excuse for getting it wrong at all. Developers, meet the new(-ish) PHP password hashing functions (and the userland implementation password-compat).

He shows how to use this password hashing correctly with the "default" hash and how to store that in the database. His Password Validator library aims to help make this even simpler and adds in other features like rehashing and upgrading of legacy passwords. The remainder of the post shows how to use the library for these functions and how to persist them in the tool's storage decorator and interface functionality.

tagged: password hashing implementation validator opensource library

Link: http://jeremykendall.net/2014/01/04/php-password-hashing-a-dead-simple-implementation/

Timoh's Blog:
Aggressive password stretching - A solution to the low-entropy keys problem?
Nov 29, 2013 @ 10:15:30

While not specifically related to PHP, this new post from Timoh looks at the idea of "aggressive password stretching" to help with a common problem in password-based systems - the poor choice of passwords from the application's users.

Practically speaking, “weak” means a user generated password will not contain enough guessing entropy to resist an adversary who managed to gain the user database dump, and who is able to run efficient offline attack against leaked hashes. Here comes in the need to make adversary’s job harder, which is achieved by using the above-named algorithms.

He doesn't talk much about the actual password hashing itself, instead focusing on how the password stretching - the addition of more information not from the user (usually an automated source) to increase it password entropy. He goes through some of the math about how much extra work is required for an attacker with this method and some of the problems that can come with it. He talks about how much time should be spent in the hashing of the passwords and suggests that it's "a matter of finding a sweet spot between you and attacker’s patience and the security gain" and not just about the security.

A bit more on the PHP-specific side, he briefly looks at the password_hash function and some of the defaults the more current frameworks use (hint: bcrypt all the things).

Proper password hashing is clearly not enough to make sure the password hashes are not weak. The other half of the job is a good password policy. No algorithm or setting will save passwords like “password” or “12345” etc. This is why we need to make sure the user’s password will initially contain enough entropy itself.
tagged: password stretching hashing aggressive entropy solution

Link: http://timoh6.github.io/2013/11/26/Aggressive-password-stretching.html