How to automatically generate salt for crypt method with blowfish

Asked 25/11, 2012 at 23:5 Answered 22/7, 2013 at 19:1

I have just started learning PHP and I want to create a website with a login for my final year university project. I've read that blowfish is the best method for hashing in a number of places like here: openssl_digest vs hash vs hash_hmac? Difference between SALT & HMAC?

Everywhere I read about the crypt method includes a string like $2y$07$usesomesillystringforsalt$ My main question is: how do I randomly generate this? I've read in places that time stamps and mt_rand() are not secure.

Also I've heard AES is the preferred technology recently but from what I can see it seems pretty tricky to implement in PHP! Is blowfish still an acceptable method to secure stored passwords?

Walkin answered 25/11, 2012 at 23:5 Comment(1)

Its not randomly generated its $algo$cost$salt$ where salt is its perfectly safe to use microtime affixed with your domain name sha1'nd substr(salt,0,21) as anymore then 21 chars will be dropped. Perhaps something I made early will interest you php-pdo-secure-login-script-example – Abigael 25/11, 2012 at 23:14

A salt should be unique (for each password) and unpredictable. These two criterias are a bit difficult to fulfill with a deterministic computer, so the best thing you can do is, to use the random source of the operating system, to generate the salt.

Time stamps, as well as the mt_rand() function, are not ideal, because one can argue that they are predictable. At least an attacker can narrow down (and therefore precalculate) the possible combinations for a certain period. While this may not have a big impact in practice, why not do the best you can?

Since PHP 5.3 you can safely use the mcrypt_create_iv() function to read from the random source, then you will have to encode the binary string to the allowed alphabet. This is a possible implementation.

PHP 5.5 will have it's own functions password_hash() and password_verify() ready, to simplify this task. There is also a compatibility pack for PHP 5.3/5.4 available, downloadable at password_compat.

Urey answered 26/11, 2012 at 9:5 Comment(0)

For PHP version 5.3.7 or higher I belive this is the best:

$blowfish_salt = "$2y$10$".bin2hex(openssl_random_pseudo_bytes(22));

For PHP version 5.5 or higher just use the new password_hash() function with automatic salt creation.

Migrate answered 22/7, 2013 at 19:1 Comment(1)

Beware guys, bin2hex(openssl_random_pseudo_bytes(22)) will return 44 characters. For php blowfish, you need bin2hex(openssl_random_pseudo_bytes(11)) – Swiger 4/8, 2017 at 17:12

Blowfish is still acceptable, and preferred over fast-hashing methods.

The point of a salt is to prevent precomputed table attacks. As long as you have a non-trivial salt, like the microtime, you have thwarted any precomputed tables that didn't happen to use that exact salt.

Lhary answered 25/11, 2012 at 23:32 Comment(1)

So would something along the lines of $password = crypt($_POST[passward], '$2y$07$'.microtime()); be OK? Thanks for your help – Walkin 25/11, 2012 at 23:44

Recommended topics

Hot tags