Password encryption at client side

Question

Possible Duplicate    About password hashing system on client side       I have to secure the passwords of my web site users   What I did was use MD5 encryption hashing in server side  But the problem is the passwords remain in plain text until it arrives at the server  which means that the password can be captured using traffic monitoring  So what I want is to use a client side password encryption hashing mechanism and send the encrypted hashed password   Can anybody tell what is the way to do this

User · Answer

For a similar situation I used this PKCS  5  Password-Based Cryptography Standard from RSA laboratories  You can avoid storing password  by substituting it with something that can be generated only from the password  in one sentence   There are some JavaScript implementations

User · Answer

I would choose this simple solution   Summarizing it    Client  I want to login  Server generates a random number  S and sends it to the Client Client    reads username and password typed by the user calculates the hash of the password  getting h pw   which is what is stored in the DB  generates another random number  C concatenates h pw     S    C and calculates its hash  call it h all  sends to the server username   C and h all   Server   retrieves h pw   for the specified username  from the DB now it has all the elements to calculate h all    like Client did if h all    h all   then h pw    h pw    almost certainly    No one can repeat the request to log in as the specified user   S adds a variable component to the hash  each time  it s fundamental    C adds additional noise in it

User · Answer

You ve tagged this question with the ssl tag  and SSL is the answer  Curious

User · Answer

This sort of protection is normally provided by using HTTPS  so that all communication between the web server and the client is encrypted   The exact instructions on how to achieve this will depend on your web server   The Apache documentation has a SSL Configuration HOW-TO guide that may be of some help   thanks to user G  Qyy for the link

User · Answer

There are MD5 libraries available for javascript   Keep in mind that this solution will not work if you need to support users who do not have javascript available   The more common solution is to use HTTPS   With HTTPS  SSL encryption is negotiated between your web server and the client  transparently encrypting all traffic

User · Answer

You can also simply use http authentication with Digest  Here some infos if you use Apache httpd  Apache Tomcat  and here an explanation of digest    With Java  for interesting informations  take a look at     Understanding Login Authentication HTTP Digest Authentication Request  amp  Response Examples HTTP Authentication Woes Basic Authentication For JSP Page  it s not digest  but I think it s an interesting source

User · Answer

This won t be secure  and it s simple to explain why   If you hash the password on the client side and use that token instead of the password  then an attacker will be unlikely to find out what the password is   But  the attacker doesn t need to find out what the password is  because your server isn t expecting the password any more - it s expecting the token  And the attacker does know the token because it s being sent over unencrypted HTTP   Now  it might be possible to hack together some kind of challenge response form of encryption which means that the same password will produce a different token each request  However  this will require that the password is stored in a decryptable format on the server  something which isn t ideal  but might be a suitable compromise   And finally  do you really want to require users to have javascript turned on before they can log into your website   In any case  SSL is neither an expensive or especially difficult to set up solution any more

User · Answer

I ve listed a complete JavaScript for creating an MD5 at the bottom but it s really pointless without a secure connection for several reasons   If you MD5 the password and store that MD5 in your database then the MD5 is the password  People can tell exactly what s in your database  You ve essentially just made the password a longer string but it still isn t secure if that s what you re storing in your database   If you say   Well I ll MD5 the MD5  you re missing the point  By looking at the network traffic  or looking in your database  I can spoof your website and send it the MD5  Granted this is a lot harder than just reusing a plain text password but it s still a security hole   Most of all though you can t salt the hash client side without sending the salt over the  net unencrypted therefore making the salting pointless  Without a salt or with a known salt I can brute force attack the hash and figure out what the password is   If you are going to do this kind of thing with unencrypted transmissions you need to use a public key private key encryption technique  The client encrypts using your public key then you decrypt on your end with your private key then you MD5 the password  using a user unique salt  and store it in your database  Here s a JavaScript GPL public private key library   Anyway  here is the JavaScript code to create an MD5 client side  not my code             MD5  Message-Digest Algorithm     http   www webtoolkit info         var MD5   function  string         function RotateLeft lValue  iShiftBits            return  lValue lt  lt iShiftBits     lValue gt  gt  gt  32-iShiftBits               function AddUnsigned lX lY            var lX4 lY4 lX8 lY8 lResult          lX8    lX  amp  0x80000000           lY8    lY  amp  0x80000000           lX4    lX  amp  0x40000000           lY4    lY  amp  0x40000000           lResult    lX  amp  0x3FFFFFFF   lY  amp  0x3FFFFFFF           if  lX4  amp  lY4                return  lResult   0x80000000   lX8   lY8                     if  lX4   lY4                if  lResult  amp  0x40000000                    return  lResult   0xC0000000   lX8   lY8                 else                   return  lResult   0x40000000   lX8   lY8                           else               return  lResult   lX8   lY8                        function F x y z    return  x  amp  y       x   amp  z         function G x y z    return  x  amp  z     y  amp    z          function H x y z    return  x   y   z         function I x y z    return  y    x     z            function FF a b c d x s ac            a   AddUnsigned a  AddUnsigned AddUnsigned F b  c  d   x   ac            return AddUnsigned RotateLeft a  s   b               function GG a b c d x s ac            a   AddUnsigned a  AddUnsigned AddUnsigned G b  c  d   x   ac            return AddUnsigned RotateLeft a  s   b               function HH a b c d x s ac            a   AddUnsigned a  AddUnsigned AddUnsigned H b  c  d   x   ac            return AddUnsigned RotateLeft a  s   b               function II a b c d x s ac            a   AddUnsigned a  AddUnsigned AddUnsigned I b  c  d   x   ac            return AddUnsigned RotateLeft a  s   b               function ConvertToWordArray string            var lWordCount          var lMessageLength   string length          var lNumberOfWords temp1 lMessageLength   8          var lNumberOfWords temp2  lNumberOfWords temp1- lNumberOfWords temp1   64   64          var lNumberOfWords    lNumberOfWords temp2 1  16          var lWordArray Array lNumberOfWords-1           var lBytePosition   0          var lByteCount   0          while   lByteCount  lt  lMessageLength                 lWordCount    lByteCount- lByteCount   4   4              lBytePosition    lByteCount   4  8              lWordArray lWordCount     lWordArray lWordCount     string charCodeAt lByteCount  lt  lt lBytePosition                lByteCount                      lWordCount    lByteCount- lByteCount   4   4          lBytePosition    lByteCount   4  8          lWordArray lWordCount    lWordArray lWordCount     0x80 lt  lt lBytePosition           lWordArray lNumberOfWords-2    lMessageLength lt  lt 3          lWordArray lNumberOfWords-1    lMessageLength gt  gt  gt 29          return lWordArray              function WordToHex lValue            var WordToHexValue    WordToHexValue temp    lByte lCount          for  lCount   0 lCount lt  3 lCount                  lByte    lValue gt  gt  gt  lCount 8    amp  255              WordToHexValue temp    0    lByte toString 16               WordToHexValue   WordToHexValue   WordToHexValue temp substr WordToHexValue temp length-2 2                     return WordToHexValue              function Utf8Encode string            string   string replace   r n g   n            var utftext                for  var n   0  n  lt  string length  n                   var c   string charCodeAt n                if  c  lt  128                    utftext    String fromCharCode c                             else if  c  gt  127   amp  amp   c  lt  2048                     utftext    String fromCharCode  c  gt  gt  6    192                   utftext    String fromCharCode  c  amp  63    128                             else                   utftext    String fromCharCode  c  gt  gt  12    224                   utftext    String fromCharCode   c  gt  gt  6   amp  63    128                   utftext    String fromCharCode  c  amp  63    128                                     return utftext              var x Array        var k AA BB CC DD a b c d      var S11 7  S12 12  S13 17  S14 22      var S21 5  S22 9   S23 14  S24 20      var S31 4  S32 11  S33 16  S34 23      var S41 6  S42 10  S43 15  S44 21       string   Utf8Encode string        x   ConvertToWordArray string        a   0x67452301  b   0xEFCDAB89  c   0x98BADCFE  d   0x10325476       for  k 0 k lt x length k  16            AA a  BB b  CC c  DD d          a FF a b c d x k 0   S11 0xD76AA478           d FF d a b c x k 1   S12 0xE8C7B756           c FF c d a b x k 2   S13 0x242070DB           b FF b c d a x k 3   S14 0xC1BDCEEE           a FF a b c d x k 4   S11 0xF57C0FAF           d FF d a b c x k 5   S12 0x4787C62A           c FF c d a b x k 6   S13 0xA8304613           b FF b c d a x k 7   S14 0xFD469501           a FF a b c d x k 8   S11 0x698098D8           d FF d a b c x k 9   S12 0x8B44F7AF           c FF c d a b x k 10  S13 0xFFFF5BB1           b FF b c d a x k 11  S14 0x895CD7BE           a FF a b c d x k 12  S11 0x6B901122           d FF d a b c x k 13  S12 0xFD987193           c FF c d a b x k 14  S13 0xA679438E           b FF b c d a x k 15  S14 0x49B40821           a GG a b c d x k 1   S21 0xF61E2562           d GG d a b c x k 6   S22 0xC040B340           c GG c d a b x k 11  S23 0x265E5A51           b GG b c d a x k 0   S24 0xE9B6C7AA           a GG a b c d x k 5   S21 0xD62F105D           d GG d a b c x k 10  S22 0x2441453           c GG c d a b x k 15  S23 0xD8A1E681           b GG b c d a x k 4   S24 0xE7D3FBC8           a GG a b c d x k 9   S21 0x21E1CDE6           d GG d a b c x k 14  S22 0xC33707D6           c GG c d a b x k 3   S23 0xF4D50D87           b GG b c d a x k 8   S24 0x455A14ED           a GG a b c d x k 13  S21 0xA9E3E905           d GG d a b c x k 2   S22 0xFCEFA3F8           c GG c d a b x k 7   S23 0x676F02D9           b GG b c d a x k 12  S24 0x8D2A4C8A           a HH a b c d x k 5   S31 0xFFFA3942           d HH d a b c x k 8   S32 0x8771F681           c HH c d a b x k 11  S33 0x6D9D6122           b HH b c d a x k 14  S34 0xFDE5380C           a HH a b c d x k 1   S31 0xA4BEEA44           d HH d a b c x k 4   S32 0x4BDECFA9           c HH c d a b x k 7   S33 0xF6BB4B60           b HH b c d a x k 10  S34 0xBEBFBC70           a HH a b c d x k 13  S31 0x289B7EC6           d HH d a b c x k 0   S32 0xEAA127FA           c HH c d a b x k 3   S33 0xD4EF3085           b HH b c d a x k 6   S34 0x4881D05           a HH a b c d x k 9   S31 0xD9D4D039           d HH d a b c x k 12  S32 0xE6DB99E5           c HH c d a b x k 15  S33 0x1FA27CF8           b HH b c d a x k 2   S34 0xC4AC5665           a II a b c d x k 0   S41 0xF4292244           d II d a b c x k 7   S42 0x432AFF97           c II c d a b x k 14  S43 0xAB9423A7           b II b c d a x k 5   S44 0xFC93A039           a II a b c d x k 12  S41 0x655B59C3           d II d a b c x k 3   S42 0x8F0CCC92           c II c d a b x k 10  S43 0xFFEFF47D           b II b c d a x k 1   S44 0x85845DD1           a II a b c d x k 8   S41 0x6FA87E4F           d II d a b c x k 15  S42 0xFE2CE6E0           c II c d a b x k 6   S43 0xA3014314           b II b c d a x k 13  S44 0x4E0811A1           a II a b c d x k 4   S41 0xF7537E82           d II d a b c x k 11  S42 0xBD3AF235           c II c d a b x k 2   S43 0x2AD7D2BB           b II b c d a x k 9   S44 0xEB86D391           a AddUnsigned a AA           b AddUnsigned b BB           c AddUnsigned c CC           d AddUnsigned d DD              var temp   WordToHex a  WordToHex b  WordToHex c  WordToHex d        return temp toLowerCase

User · Answer

You need a library that can encrypt your input on client side and transfer it to the server in encrypted form  You can use following libs   jCryption  Client-Server asymmetric encryption over Javascript  Update after 3 years  2013    Stanford Javascript Crypto Library  Update after 4 years  2014    CryptoJS - Easy to use encryption ForgeJS - Pretty much covers it all OpenPGP JS - Put the OpenPGP format everywhere - runs in JS so you can use it in your web apps  mobile apps  amp  etc

[javascript] Password encryption at client side

Examples related to javascript

Examples related to jsp

Examples related to ssl

Examples related to passwords

Examples related to password-hash