I need to up the security of our website, and am currently using the guide here: http://crackstation.net/hashing-security.htm, and also the generation of random passwords here: https://defuse.ca/generating-random-passwords.htm. I gather that both use the function mcrypt_create_iv() for generating random bytes (or bits?), but for some reason, I encounter errors in installing php-mcrypt under CentOS 6. Fortunately, the first link said that openssl_random_pseudo_bytes() is a CSPRNG (and the PHP documentation and other sources also back that claim), and is available on the current server installation of PHP 5.4, so I have no choice but to use that at the moment. With these in mind, I would like to ask the following:
Does a direct code substitution suffice without affecting security? (That is, would just replacing calls to mcrypt_create_iv() with openssl_random_pseudo_bytes() do?)
About the constants mentioned in the code (http://crackstation.net/hashing-security.htm#properhashing), the guide says that "[m]ake sure your salt is at least as long as the hash function's output." Am I right in assuming that PBKDF2_SALT_BYTES and PBKDF2_HASH_BYTES are both set to 24 bytes since the output of the pbkdf2() function would be just 24 bytes, not 32 (for 256 bits) since the underlying algorithm used is sha256? (Yes, I am using key stretching too.) On a related note, is 24 bytes fine, or should it be increased/decreased, and what effect would that have?
Thanks in advance to those who will answer.
openssl_random_pseudo_bytes($len, true) and mcrypt_create_iv($len, MCRYPT_DEV_RANDOM)).
PBKDF2_SALT_BYTES is used only in the test function create_hash() and not in pbkdf2() itself. So you just need to implement your own salt generation function using those CSPRNGs.
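
One way to write the salt generation function described above, as an added example that is not part of the original answer or the guide's code. The function name generate_salt() is hypothetical, and the 24-byte constant is the value quoted in the question; the code targets PHP 5.4 and refuses to return a salt unless a strong source produced it.

```php
<?php
// Added example. generate_salt() is a hypothetical helper, not the guide's code.
define('PBKDF2_SALT_BYTES', 24); // value quoted in the question

/**
 * Return $bytes random bytes from a CSPRNG, base64-encoded for storage.
 * Throws instead of silently falling back to a weak source.
 */
function generate_salt($bytes = PBKDF2_SALT_BYTES)
{
    if (!is_int($bytes) || $bytes < 1) {
        throw new InvalidArgumentException('Salt length must be a positive integer');
    }

    $raw = false;

    if (function_exists('openssl_random_pseudo_bytes')) {
        // The second argument is taken by reference: OpenSSL sets it to
        // true only when a cryptographically strong algorithm was used.
        $strong = false;
        $raw = openssl_random_pseudo_bytes($bytes, $strong);
        if ($raw === false || $strong !== true) {
            $raw = false; // reject failed or weak output
        }
    }

    if ($raw === false && function_exists('mcrypt_create_iv')) {
        // Fallback for hosts where php-mcrypt is installed.
        // MCRYPT_DEV_URANDOM does not block; MCRYPT_DEV_RANDOM may.
        $raw = mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM);
    }

    // strlen() counts bytes unless mbstring function overloading is enabled.
    if ($raw === false || strlen($raw) !== $bytes) {
        throw new RuntimeException('No cryptographically strong random source available');
    }

    return base64_encode($raw);
}

// Usage: one fresh salt per password, stored next to the resulting hash.
$salt = generate_salt();
echo strlen(base64_decode($salt)), ' byte salt: ', $salt, PHP_EOL;
```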