PHP-Einfach.de PHP lernen leicht gemacht

Navigation
» Startseite
» Newsübersicht
» Kontakt
» Impressum

Community
» Forum
» Gästebuch

Tutorial
» PHP Tutorial
» MySQL Tutorial
» PHP
» MySQL
» Codeschnipsel

Downloads
» Einführung
» Scripts
   » Clanbook
   » Clanletter
» Command Board

Sonstiges
» md5-Generator
» Generator
» Wissenswertes

PHP lernen


Dieses Projekt wird unterstützt von
Lichteffekte Shop

 
Partner:
Suchmaschinenoptimierung

Improved Hash Algorithm

The Improved Hash Algorithm is a PHP class to derive from a weak password a strong hash value which could be stored in a database.
For an attacker it is realy hard to crack the hash value, because the class use a random salt and a key strengthening technique to generate a strong hash value.

In normal applications, the passwords are hashed with a single call of md5() or sha1(), but an attacker can check arround 20 - 40 million passwords per secondes, so weak passwords are broken really fast.
The Improved Hash Algorithm calls e.g. 2500 times md5() (sha1() is also possible), so an attacker can check only 10000 passwords per second instead of 25 million per second an his attack takes than e.g. 2500 days (nearly 7 years) instead of 1 day.
The random salt which is used prevents dictionary attacks, which became popular through rainbow tables.

Usage of Improved Hash Algorithm
The usage is really simple:
<?php
require("iha.php");
$iha = new iha();
$pw = "secret password";

//Calculate the hash value and store it in a database
$hash = $iha->hash($pw);

echo "Password: ".$pw." <br>
Hash-Value: ".$hash."<br><br>";

if($iha->compare($pw, $hash))
   echo "Password ok";
else
   echo "Wrong password";
?>


Download:
Improved Hash Algorithm 1.0 (13 KB)



Autor Andavos

News
13.08 - » Spam im Gästebuch
Endlich Schluss mit dem Spam

08.12 - » Clanletter 2.0
Clanletter wurde komplett neu programmiert

01.09 - » Command Board 1.0 - 2.0
Das Command Board 1.0 Beta 2.0 ist erschienen


Mehr

Forum
» Login Script Regestrierungs Fehle ...

» bearbeiten mit mysql

» [Marktforschung] Zeitliches Manag ...







© PHP-Einfach.de 2003 - 2014