I think in order to keep users serious we should make it to where their account here is an investment. We can get rid of the newbie board and assume a user that registers and pays for membership considers this community valuable and will return a similar amount of value in return.
Another side benefit of this is that it would pay for forum hosting easily and possibly with some profit on the side for the project.
Thoughts?
Make a poll and you will find that this is probably not a very good idea. What we need is a semi-automatic slashdot-like meta-moderation system. It effectively filters out ~99,5% of trolling & spam. Moderation is done partially by random forum users. It works really great. I don't remember when I have read any serious spam on Slashdot last. Basically, people randomly receive 5 moderator points. When they read posts, you can use a point to change the rating of a post +/- 1 (min -1, max 5), but you can only change the same post once. You also can choose an adjective to describe the change, such as "funny" "off-topic" "troll" "insightful", etc. The odds of getting the 5 points are based on the number of posts you make, how well those posts are rated, and some other factors I don't remember. You lose the points after 24 hours, and you can't receive moderation more than either 1/day or 1/everyfewdays.
Meta moderation can be done by anyone. Basically, you get a random set of posts, as well as the moderation done to it. So you'll see a post on the "[exalted] sux" thread where someone made a funny joke, but the moderator knocked it down a point as saying "off-topic". You can then choose whether the moderator was fair with the moderation or not. This, in turn, affects the odds of the person getting moderator points in the future. Note that the name of the moderator is not given.
It works really well, gives some benefit to those that make good points by increasing their odds of getting moderator points, and is difficult to abuse. Slashdot has near a million subscribers, and regularly sees thousands of posts each day, so the system has been decently tested.
|
|
|
The reasons why eksblowfish is several orders of magnitude harder to bruteforce than other algos (like SHA, or N iterations of hash-x) have little to do with iterations. Let me quote something for you: Provos and Mazières took advantage of this, and actually took it further. They developed a new key setup algorithm for Blowfish, dubbing the resulting cipher "Eksblowfish" ("expensive key schedule Blowfish"). The key setup begins with a modified form of the standard Blowfish key setup, in which both the salt and password are used to set all subkeys. Then there are a number of rounds in which the standard Blowfish keying algorithm is applied, using alternately the salt and the password as the key, each round starting with the subkey state from the previous round. This is not cryptographically significantly stronger than the standard Blowfish key schedule, but the number of rekeying rounds is configurable; the hashing process can therefore be made arbitrarily slow, which helps deter brute-force attacks upon the hash or salt.
As you are an insolent fool, who doesn't understand a thing about hashing algorithms and you failed to explain how bcrypt actually works, let me explain to you in my own words what this description means. Roughly the eksblowfish is all about creating multiple keys, of which each is mixed with salt, and then each of the keys is applied in each of multiple rounds of the algorithm. Each next (n+1) round begins in mixing the key with salt and applying it to the previous (n) round through encryption. In other words, bcrypt() is simply a recurrent hashing algorithm, where each consecutive round of hashing begins with adding the salt to the result of previous round. Exactly as the algorithm which I have written.

The references explain why eksblowfish is so good at being slow. But go ahead... keep "daring" me to explain (the references that I posted in this thread do an ample job, for those who are interested). I will admit that your taunts amuse me, however.
You are still a fool, and you have explained nothing. What you have done is a copypasta work from other sites. You haven't actually described in your own words how the algorithms work. 1. Learn to read first, before you start talking to me. I have never ever in any post said anything about any "cascade effect". 2. STOP MANIPULATING!. STOP making offtopic so it makes you look smarter than you actually are. You are weak, and you are using cheap tricks of the weak. This will not work with me. It's not my job to hand-feed you.
It is your job to provide valid logical arguments since you started this stupid discussion. You have failed to do so. Bcrypt is the best tool to protect password databases against offline attacks.
Actually, i personally think about incorporating bcrypt() into my algo for greater performance, but i will be continuing this discussion just to prove how stupid, impudent and manipulative you are.
|
|
|
This has nothing to do with the current topic. I am not listening to you, until you explain what is the difference between bcrypt() and my func. Because i keep stating you have no fuckin idea what you are talking about. You are deliberately making offtopic to mask your total lack of knowledge, but this trick does not work with me. I dare you. Explain that to me. Still waiting. Also, about earlier post: Look at how easy this is: $hash = bcrypt_hash({ key_nul => 1, cost => 8, salt => $salt, }, $password);
Look how easy this is: $hashedPassword = HashPassword::Make($password, 'LEVEL3 SALT', 2048); //Total of 6144 rounds
This will provide stronger hashing than bcrypt() with 12 rounds, as each round in bcrypt() is actually a power of 2 rounds (bcrypt(data, 12) gives you actually total 4096 small rounds if I am not mistaken). Oh god, I seriously wanted to reply a big fat "WTF?!" to that post. Biggest crock of bullshit I'd ever read. Why the fuck install an entire virtualized operating system inside a multi-encrypted disk image... that shit doesn't even make any sense; just use the same outer encryption library to create another disk image inside the first layer, which itself is, despite the encryption layer residing on the outside, still encrypting data within a subsequent layer in the same way. Shit just makes me cringe thinking the guy wanted to install multiple OS copies inside multiple layers to produce an illusion of security... it's still protected by a f***ing password. /headdesk
This is just one bad idea, **which I admitted is not the best solution** in the same topic. But still gives you higher level of security than no virtual machine at all (the attacker has to crack all the layers, which will take time. Also, he has to figure out that there is VM within VM, which he may accidentally not do). But what is important, this has completely nothing to do with the current discussion.
|
|
|
@gene
When you are done trolling and making a fool of yourself and you actually **understand** what bcrypt() does, then we can talk. For now, I find discussion with you a complete waste of time.
|
|
|
Can you please stop talking "I'm smarter than you and I know better" bullshit and show me the difference between bcrypt() and my algo ? Because sorry - there isn't any according to PHP manual.
Try harder. Maybe read primary references. EDIT2: Investigating the matter further, actually it seems that my function is far better than crypt(), as it uses different salt for each layer of hashing, where crypt() only uses single salt for all layers.
Cool. Now go write a paper and submit it, because you have just discovered something that dozens of security specialists over several decades couldn't. Or... maybe you missed something rather important and are letting your ego get the better of you. Sorry, but you're no Niels Provos. EDIT: OK, i have had enough of this. Only a fool uses the argument of power instead of power of arguments.
So you either show me the logical evidence that you are correct, or I will officially view you as a fool. I dare you.
Try reading and understanding what bcrypt actually does instead of assuming that you have trivially solved one of the most well-studied problems in computer security. OK.... so here you go. You have no arguments whatsoever and you are simply saying "hey, I am right because the guy in the article said so". You also have completely no idea how the bcrypt() itself works, as you cannot explain the differences between it and my algorithm in detail. I am sorry, but you are no cryptography specialist or even an experienced programmer. I find it a waste of time to continue discussing with trolls. EOT.
|
|
|
This is what hashes were designed to do.
No. They are designed to quickly compute a mostly unique digest for a preimage. [image]
Can you please stop talking "I'm smarter than you and I know better" bullshit and show me the difference between bcrypt() and my algo ? Because sorry - there isn't any according to PHP manual. ---- EDIT2: Investigating the matter further, actually it seems that my function is far better than crypt(), as it uses different salt for each layer of hashing, where crypt() only uses single salt for all layers. ---- EDIT: OK, i have had enough of this. Only a fool uses the argument of power instead of power of arguments. So you either show me the logical evidence that you are correct, or I will officially view you as a fool. I dare you.
|
|
|
Here ya go:

```php
<?php
define('CNF_PASSWORD_SALT1', 'fvuiyt8635t394nng'); // Change this to some random stuff
define('CNF_PASSWORD_SALT2', 'sdfkofuhnA%^%^23J'); // Change this to some random stuff

define('CNF_PASSWORD_HASH0', 'sha512');
define('CNF_PASSWORD_HASH1', 'whirlpool');
define('CNF_PASSWORD_HASH2', 'sha512');

// 20 rounds by default. Change to more if more security is required
define('CNF_PASSWORD_EXTRA_ROUNDS', 20);

class HashPassword {

    protected static $level0PassHash = null;
    protected static $level1PassHash = null;
    protected static $level2PassHash = null;

    protected static $defaultHashRounds = null;

    protected static function _init() {
        self::$level0PassHash = CNF_PASSWORD_HASH0;
        self::$level1PassHash = CNF_PASSWORD_HASH1;
        self::$level2PassHash = CNF_PASSWORD_HASH2;

        self::$defaultHashRounds = CNF_PASSWORD_EXTRA_ROUNDS;
    }

    public static function Make($inputData, $extraSalt = false, $extraRounds = false) {
        if (!isset(self::$level0PassHash)) {
            self::_init();
        }

        if ($extraRounds === false) {
            $extraRounds = self::$defaultHashRounds;
        }

        if ($extraRounds > 0) { // More rounds through recursion
            $halfStringPos = (int) floor(strlen($inputData) / 2);
            // This shifts the string on each round - '123456' into '456123' etc.
            $inputData = substr($inputData, $halfStringPos) . substr($inputData, 0, $halfStringPos);
            $inputData = self::Make($inputData, $extraSalt, $extraRounds - 1); // Recursion
        }

        // Layer 0: optional caller-supplied (level 3) salt
        $hashLevel0 = $extraSalt
            ? hash(self::$level0PassHash, $extraSalt . $inputData . $extraSalt)
            : hash(self::$level0PassHash, $inputData);
        // Layer 1: chained on the layer 0 digest so that all three layers contribute to the output
        $hashLevel1 = hash(self::$level1PassHash, CNF_PASSWORD_SALT1 . $hashLevel0 . CNF_PASSWORD_SALT1);
        // Layer 2: chained on the layer 1 digest
        $output = hash(self::$level2PassHash, CNF_PASSWORD_SALT2 . $hashLevel1 . CNF_PASSWORD_SALT2);
        return $output;
    }
}
```
3 layered hashing, different salt on each layer. Level 3 salting is optional. There are 3 smaller rounds in a single big round, so a total of 20 rounds (default) gives you 60 salted hashing rounds in total for a single password. Benchmark your scripts and change the number of rounds depending on the power of your servers. Too many rounds can clog up the server as users logging in massively will use a lot of CPU. 20 big rounds should be enough for everyone for starters.

Usage: HashPassword::Make($data, [optional] $additionalLevel3Salt = null, [optional] $changeNumberOfRounds = 20);
If you want some serious security, put (for example) user's registration date (or anything else generated randomly on registration) into the $additionalLevel3Salt parameter. It will make rainbow tables attack unfeasible. This is a production-grade code. It should work without any modifications.

License: WTFPL License, http://en.wikipedia.org/wiki/WTFPL

---------------------

EDIT: Also, there is a useful list of different hashing algorithms' speed on php.net

Performance test results on my laptop: Results are here shorten to fit php web notes ... This was tested with 1024000 bytes (1000 KB) of random data, md4 always gets the first place, and md2 always get the last place

Results: (in microseconds)

1. md4 5307.912
2. md5 6890.058
3. crc32b 7298.946
4. crc32 7561.922
5. sha1 8886.098
6. tiger128,3 11054.992
7. haval192,3 11132.955
8. haval224,3 11160.135
9. tiger160,3 11162.996
10. haval160,3 11242.151
11. haval256,3 11327.981
12. tiger192,3 11630.058
13. haval128,3 11880.874
14. tiger192,4 14776.945
15. tiger128,4 14871.12
16. tiger160,4 14946.937
17. haval160,4 15661.954
18. haval192,4 15717.029
19. haval256,4 15759.944
20. adler32 15796.184
21. haval128,4 15887.022
22. haval224,4 16047.954
23. ripemd256 16245.126
24. haval160,5 17818.927
25. haval128,5 17887.115
26. haval224,5 18085.002
27. haval192,5 18135.07
28. haval256,5 18678.903
29. sha256 19020.08
30. ripemd128 20671.844
31. ripemd160 21853.923
32. ripemd320 22425.889
33. sha384 45102.119
34. sha512 45655.965
35. gost 57237.148
36. whirlpool 64682.96
37. snefru 80352.783
38. md2 705397.844

Plus the lengths of hashes produced by each of the algos:

- md2 32
- md4 32
- md5 32
- sha1 40
- sha256 64
- sha384 96
- sha512 128
- ripemd128 32
- ripemd160 40
- ripemd256 64
- ripemd320 80
- whirlpool 128
- tiger128,3 32
- tiger160,3 40
- tiger192,3 48
- tiger128,4 32
- tiger160,4 40
- tiger192,4 48
- snefru 64
- gost 64
- adler32 8
- crc32 8
- crc32b 8
- haval128,3 32
- haval160,3 40
- haval192,3 48
- haval224,3 56
- haval256,3 64
- haval128,4 32
- haval160,4 40
- haval192,4 48
- haval224,4 56
- haval256,4 64
- haval128,5 32
- haval160,5 40
- haval192,5 48
- haval224,5 56
- haval256,5 64
Have fun.
|
|
|
If you create a modification for SMF that uses advanced password hashing and gracefully upgrades from old hash types, I will use it.
Bcrypt is probably fine, though I tend to prefer many iterations of traditional hash algorithms. This is what hashes were designed to do. PGP does it, and it's used in many crypto standards.
I can supply the hashing algorithm, as I have already written it. Give me half an hour, i need to start up the laptop and find it.
|
|
|
I studied the topic a little more: Here is the description of the crypt() function from PHP manual, which was specified in the article "Use Bcrypt Fool":

Description

string crypt ( string $str [, string $salt ] )
crypt() will return a hashed string using the standard Unix DES-based algorithm or alternative algorithms that may be available on the system.
Some operating systems support more than one type of hash. In fact, sometimes the standard DES-based algorithm is replaced by an MD5-based algorithm. The hash type is triggered by the salt argument. Prior to 5.3, PHP would determine the available algorithms at install-time based on the system's crypt(). If no salt is provided, PHP will auto-generate either a standard two character (DES) salt, or a twelve character (MD5), depending on the availability of MD5 crypt(). PHP sets a constant named CRYPT_SALT_LENGTH which indicates the longest valid salt allowed by the available hashes.
The standard DES-based crypt() returns the salt as the first two characters of the output. It also only uses the first eight characters of str, so longer strings that start with the same eight characters will generate the same result (when the same salt is used).
On systems where the crypt() function supports multiple hash types, the following constants are set to 0 or 1 depending on whether the given type is available:
- CRYPT_STD_DES - Standard DES-based hash with a two character salt from the alphabet "./0-9A-Za-z". Using invalid characters in the salt will cause crypt() to fail.
- CRYPT_EXT_DES - Extended DES-based hash. The "salt" is a 9-character string consisting of an underscore followed by 4 bytes of iteration count and 4 bytes of salt. These are encoded as printable characters, 6 bits per character, least significant character first. The values 0 to 63 are encoded as "./0-9A-Za-z". Using invalid characters in the salt will cause crypt() to fail.
- CRYPT_MD5 - MD5 hashing with a twelve character salt starting with $1$
- CRYPT_BLOWFISH - Blowfish hashing with a salt as follows: "$2a$", a two digit cost parameter, "$", and 22 digits from the alphabet "./0-9A-Za-z". Using characters outside of this range in the salt will cause crypt() to return a zero-length string. The two digit cost parameter is the base-2 logarithm of the iteration count for the underlying Blowfish-based hashing algorithm and must be in range 04-31, values outside this range will cause crypt() to fail.
- CRYPT_SHA256 - SHA-256 hash with a sixteen character salt prefixed with $5$. If the salt string starts with 'rounds=<N>$', the numeric value of N is used to indicate how many times the hashing loop should be executed, much like the cost parameter on Blowfish. The default number of rounds is 5000, there is a minimum of 1000 and a maximum of 999,999,999. Any selection of N outside this range will be truncated to the nearest limit.
- CRYPT_SHA512 - SHA-512 hash with a sixteen character salt prefixed with $6$. If the salt string starts with 'rounds=<N>$', the numeric value of N is used to indicate how many times the hashing loop should be executed, much like the cost parameter on Blowfish. The default number of rounds is 5000, there is a minimum of 1000 and a maximum of 999,999,999. Any selection of N outside this range will be truncated to the nearest limit.
Then basically, what crypt() function does, is multiple salted rounds of hashing. So can somebody explain to me what is the difference between bcrypt and my algorithm ? hash_algo1(salt1 + hash_algo2(salt2 + hash_algo3(salt3 + data))) * N recursive rounds
Because, seriously - I cannot find one.
|
|
|
Glorious.
I am not finished. I can also increase the entropy by using extra secret field from the database PLUS the user's registration date which is also needed to generate the final hash. So the entropy is not low (like in the examples shown here) anywhere within the hashing process.
|
|
|
<whole lotta' bullshit>
Totally wrong. Basically, all of your "advice" is garbage. Some real programmers, please chime in. I have been a programmer for 14 years, and FYI, I have written some strong cryptography myself from scratch. So stop talking bullshit. <whole lotta' bullshit>
Totally wrong. Basically, all of your "advice" is garbage. Some real programmers, please chime in. You should be using bcrypt(). Not whatever many rounds of hashing. Hashing is meant for huge amounts of data (such as files) and is meant to run fast - which means it can be bruteforced fast. By using bcrypt with a high work factor, logins take one second to process - and bruteforcing takes one second per hash as opposed to 10 billion hashes per second. Wait, just let me get something straight before i continue this discussion. If i generate a password hash using bcrypt with X rounds, and then i increase it to Y rounds, will both functions generate the same hash ? I mean is bcrypt(pwd, rounds = 10, salt) equal to bcrypt(pwd, rounds = 20, salt) ? Am I understanding this correctly ? I'd assume no, or else it would be pointless to increase round time. If no is the answer, then there is completely no advantage of using bcrypt versus multi hashes with multi salt as I have already written a recurrent function which does exactly the same as bcrypt(). You simply use the_hash_function($data, salt1, salt2, salt3, rounds) and basically what it does is it recurrently repeats hash_algo1(salt1 + hash_algo2(salt2 + hash_algo3(salt3 + data)))
for X number of rounds, each time salting everything again. Once the hardware becomes more powerful, i can simply increase the number of rounds to Y.
|
|
|
<whole lotta' bullshit>
Totally wrong. Basically, all of your "advice" is garbage. Some real programmers, please chime in. I have been a programmer for 14 years, and FYI, i have written from scratch strong cryptography algorithms myself. So please stop talking bullshit and let's have a real discussion other than " BCRYPT FTW, IF YOU DON'T THINK SO, STFU".
<whole lotta' bullshit>
Totally wrong. Basically, all of your "advice" is garbage. Some real programmers, please chime in. You should be using bcrypt(). Not whatever many rounds of hashing. Hashing is meant for huge amounts of data (such as files) and is meant to run fast - which means it can be bruteforced fast. By using bcrypt with a high work factor, logins take one second to process - and bruteforcing takes one second per hash as opposed to 10 billion hashes per second. Wait, just let me get something straight before i continue this discussion. If i generate a password hash using bcrypt with X rounds, and then i increase it to Y rounds, will both functions generate the same hash ? I mean is bcrypt(pwd, rounds = 10, salt) equal to bcrypt(pwd, rounds = 20, salt) ? Am I understanding this correctly ?
|
|
|
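The posts above ask whether bcrypt at two cost settings produces the same hash, and ask for hashing that "gracefully upgrades from old hash types". The PHP below is an added example, not code from any post in this thread or from SMF; `TARGET_COST`, `legacyHash()` and `verifyAndUpgrade()` are hypothetical names, and the SHA-1 scheme is an assumed stand-in for whatever old hash type a forum stores.

```php
<?php
declare(strict_types=1);

// Added example. TARGET_COST, legacyHash() and verifyAndUpgrade() are
// hypothetical names, and the SHA-1 "old hash type" is an assumed stand-in.
const TARGET_COST = 12; // assumption: choose by benchmarking your own server

function legacyHash(string $user, string $password): string
{
    return sha1(strtolower($user) . $password);
}

/** Returns [login ok?, replacement hash to store or null]. */
function verifyAndUpgrade(string $user, string $password, string $stored): array
{
    $opts = ['cost' => TARGET_COST];
    if (password_get_info($stored)['algoName'] === 'unknown') {
        // Not a password_hash() string: treat as legacy, compare in constant
        // time, and always hand back a bcrypt replacement on success.
        if (!hash_equals($stored, legacyHash($user, $password))) {
            return [false, null];
        }
        return [true, password_hash($password, PASSWORD_BCRYPT, $opts)];
    }
    if (!password_verify($password, $stored)) {
        return [false, null];
    }
    // Cost and salt are parsed out of $stored, so hashes made at an older,
    // lower cost keep verifying; they are only flagged for replacement.
    $new = password_needs_rehash($stored, PASSWORD_BCRYPT, $opts)
        ? password_hash($password, PASSWORD_BCRYPT, $opts)
        : null;
    return [true, $new];
}

// ---- Demo on constructed data ----
$password = 'correct horse battery staple'; // constructed sample password
$salt22   = 'abcdefghijklmnopqrstuu';       // constructed 22-character salt

// Same password and salt, cost 10 versus 12. "$2y$" is the prefix current
// PHP emits; the manual excerpt quoted in the thread shows the older "$2a$".
$h10 = crypt($password, '$2y$10$' . $salt22);
$h12 = crypt($password, '$2y$12$' . $salt22);
printf("cost 10: %s\ncost 12: %s\nidentical: %s\n",
    $h10, $h12, var_export($h10 === $h12, true));

foreach ([$h10, $h12] as $h) {
    $cost = password_get_info($h)['options']['cost'];
    printf("embedded cost %d = %d iterations, verifies: %s\n",
        $cost, 2 ** $cost, var_export(password_verify($password, $h), true));
}

// Stored cost-10 hash: login succeeds and a cost-12 replacement comes back.
[$ok, $new] = verifyAndUpgrade('alice', $password, $h10);
printf("cost-10 login ok: %s, new cost: %s\n", var_export($ok, true),
    $new === null ? 'none' : password_get_info($new)['options']['cost']);

// Stored legacy SHA-1: same path, upgraded to bcrypt on first good login.
[$ok, $new] = verifyAndUpgrade('Alice', $password, legacyHash('alice', $password));
printf("legacy login ok: %s, upgraded to: %s\n", var_export($ok, true),
    $new === null ? 'none' : password_get_info($new)['algoName']);

// A wrong password never yields a replacement hash.
var_dump(verifyAndUpgrade('alice', 'wrong guess', $h12));
```

The caller stores the returned replacement hash in place of the old one; because the upgrade needs the plaintext password, it can only happen at a successful login.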
Actually, you don't need to use bcrypt. You can have exactly the same effect using multiple layered hashing algorithms with specified number of rounds. You only need to increase the number of rounds once hardware gets more powerful - it will have exactly the same effect as bcrypt. Also, i trust multiple salted hashing algorithms more than a single algorithm (blowfish), which is used in bcrypt.
|
|
|
Where can I find more information on what exactly is in the way of upgrading to 2.something?
I need updated versions of these mods (some of them might already exist or be covered by the new core): Custom Profile Field Mod Edit_Display_Name_Permission Ignore Boards Prevent Adding Signature Images And Links Ignore user There are also two major custom modifications: - Membergroup membership based on time online as well as posts - Advanced CAPTCHAs I'd also like to use the same theme we have now. I'd really prefer to move to some other forum software rather than upgrade, though. SMF is not well-written. Apparently. Moving to PHPBB or vBulletin is a solution to only one of your problems. Another one is that the forums are so heavily trolled & flooded with pointless/spam post that it has become difficult to actually discuss about something seriously here. This forum lacks a Slashdot-like moderation system. Slashdot has probably the best moderation system in the world. It automatically filters out all spam & scam messages with high effectiveness. Also, it severely decreases the level of trolling.
|
|
|
I moved some money over recently, and am wondering how safe my money is there? Could Mt. Gox just pull the plug and take my money with it?
The safest place to put your coins is a specialized machine (preferably cheap netbook) with bitcoin client only and hard disk encryption installed. Disconnected from the internet by default. The machine should be put either in your home or somewhere safe. You should only use it when you want to send money out of it, or when you want to store wallet.dat backups on some storage media (of course, also encrypted with Truecrypt or something else).
|
|
|
Seriously, this forum needs to be upgraded.
Also, it could use a Slashdot-like auto-moderation system, so all the buzz, trolls, spam & some scammers are automatically filtered out. It's too loud here to even discuss seriously about anything. A bunch of schoolkids, spammers, scammers & other screwed people are making this place miserable. It should be fixed long ago.
I don't know about SMF, but surely there is some plugin like that available for PHPBB.
Would you filter out "some scammers", but leave others behind? Or would you just get rid of them all, especially Bruce Wagner? 1. I haven't investigated Bruce Wagner enough to have a 100% opinion, however after doing some reading i think there is at least 63% probability that he is a scammer. That is my, subjective opinion however. 2. Check out yourself how the slashdot moderation system works. It really nicely mods out any spamming/scamming practices very quickly. I think it is the best on the net.
|
|
|
Seriously, this forum needs to be upgraded.
Also, it could use a Slashdot-like auto-moderation system, so all the buzz, trolls, spam & some scammers are automatically filtered out. It's too loud here to even discuss seriously about anything. A bunch of schoolkids, spammers, scammers & other screwed people are making this place miserable. It should be fixed long ago.
I don't know about SMF, but surely there is some plugin like that available for PHPBB.
|
|
|
https://bitcointalk.org/Smileys/default/final.js

```js
var cosbyText = $('<p>')
    .html('Buy CosbyCoins! <i>(Pay with bitcoin!)</i>')
    .css({
        textAlign : 'center',
        font : '18pt Arial',
        color : '#f99',
        position : 'absolute',
        width : 700
    });
```

Can somebody please take care of this shit ?
|
|
|
|