在这里我利用一张GTX 1080显卡对这些算法做个大略的抗爆测试,希望各位路人甲乙丙丁能有所收成。
哈希函数抗爆能力比拟MD5的破解性能:27589.7 MH/s,即每秒可进行275亿次考试测验。
root@kali:~# hashcat -D2 -b -m 3200 -w 4hashcat (v6.0.0) starting in benchmark mode...CUDA API (CUDA 10.2)==================== Device #1: GeForce GTX 1080, 8002/8116 MB, 20MCUOpenCL API (OpenCL 1.2 pocl 1.5, None+Asserts, LLVM 9.0.1, RELOC, SLEEF, DISTRO, POCL_DEBUG) - Platform #1 [The pocl project]============================================================================================================================= Device #2: pthread-Intel(R) Xeon(R) CPU E5-2678 v3 @ 2.50GHz, skippedBenchmark relevant options:=========================== --opencl-device-types=2 --workload-profile=4Hashmode: 3200 - bcrypt $2$, Blowfish (Unix) (Iterations: 32)Speed.#1.........: 23877 H/s (157.00ms) @ Accel:32 Loops:16 Thr:12 Vec:1Started: Thu Jun 25 14:06:12 2020Stopped: Thu Jun 25 14:06:21 2020root@kali:~#
SHA1算法的破解性能:9259.9 MH/s,即每秒92亿次,可见利用SHA1算法并没有比MD5算法安全多少。
root@kali:~# hashcat -D2 -O -m 100 -b -w 4hashcat (v6.0.0) starting in benchmark mode...CUDA API (CUDA 10.2)==================== Device #1: GeForce GTX 1080, 8002/8116 MB, 20MCUOpenCL API (OpenCL 1.2 pocl 1.5, None+Asserts, LLVM 9.0.1, RELOC, SLEEF, DISTRO, POCL_DEBUG) - Platform #1 [The pocl project]============================================================================================================================= Device #2: pthread-Intel(R) Xeon(R) CPU E5-2678 v3 @ 2.50GHz, skippedBenchmark relevant options:=========================== --opencl-device-types=2 --optimized-kernel-enable --workload-profile=4Hashmode: 100 - SHA1Speed.#1.........: 9259.8 MH/s (144.89ms) @ Accel:64 Loops:1024 Thr:1024 Vec:1Started: Thu Jun 25 14:03:54 2020Stopped: Thu Jun 25 14:04:03 2020root@kali:~#
SHA512算法的破解性能:1144.5 MH/s,即每秒11亿次,比较MD5及SHA1算法,抗爆能力有所提高,但还远远不足。
root@kali:~# hashcat -D2 -O -m 1700 -b -w 4hashcat (v6.0.0) starting in benchmark mode...CUDA API (CUDA 10.2)==================== Device #1: GeForce GTX 1080, 8002/8116 MB, 20MCUOpenCL API (OpenCL 1.2 pocl 1.5, None+Asserts, LLVM 9.0.1, RELOC, SLEEF, DISTRO, POCL_DEBUG) - Platform #1 [The pocl project]============================================================================================================================= Device #2: pthread-Intel(R) Xeon(R) CPU E5-2678 v3 @ 2.50GHz, skippedBenchmark relevant options:=========================== --opencl-device-types=2 --optimized-kernel-enable --workload-profile=4Hashmode: 1700 - SHA2-512Speed.#1.........: 1144.5 MH/s (293.12ms) @ Accel:16 Loops:1024 Thr:1024 Vec:1Started: Thu Jun 25 14:04:19 2020Stopped: Thu Jun 25 14:04:28 2020root@kali:~#
好吧,那MD5/SHA1/SHA512等算法都不能用,那用什么好了?熟习PHP的同学可能都知道,PHP有一个加密函数叫password_hash,它利用bcrypt算法来实现类似于MD5、SHA1等哈希算法的功能。不说废话,下面我们来看看这个算法扛爆能力又如何:
root@kali:~# php -r 'echo password_hash("password",PASSWORD_BCRYPT,["cost"=>5])."\n";'$2y$05$Zt5bJfRWS02JDuN/RGxpgumWveBMbel3dFmlM91/hob2sYuuzSHvaroot@kali:~# hashcat -D2 -b -m 3200 -w 4 hashcat (v6.0.0) starting in benchmark mode...CUDA API (CUDA 10.2)==================== Device #1: GeForce GTX 1080, 8002/8116 MB, 20MCUOpenCL API (OpenCL 1.2 pocl 1.5, None+Asserts, LLVM 9.0.1, RELOC, SLEEF, DISTRO, POCL_DEBUG) - Platform #1 [The pocl project]============================================================================================================================= Device #2: pthread-Intel(R) Xeon(R) CPU E5-2678 v3 @ 2.50GHz, skippedBenchmark relevant options:=========================== --opencl-device-types=2 --workload-profile=4Hashmode: 3200 - bcrypt $2$, Blowfish (Unix) (Iterations: 32)Speed.#1.........: 23866 H/s (157.05ms) @ Accel:32 Loops:16 Thr:12 Vec:1Started: Thu Jun 25 14:19:29 2020Stopped: Thu Jun 25 14:19:37 2020root@kali:~#
每秒钟仅仅23866次考试测验,是SHA512的5万分之一、SHA1的的40万分之一、MD5的116万分之一!
!
!
这里测试的bcrypt算法Iterations为32,对应password_hash的cost参数为5,而cost可配置范围为4-31,默认为10,如果以cost10来测试,抗爆效果更好。
须要把稳的是,password_hash函数的cost值越高耗费的算力越多,如当cost分别为4、10、16时,天生一个哈希耗时分别为0.013s、0.094s、4.619s,因此在利用时要权衡CPU处理能力并选择得当的cost值:
root@kali:~# time php -r 'echo password_hash("password",PASSWORD_BCRYPT,["cost"=>4])."\n";'$2y$04$GrLT1KUczmaPG4wympFDuOL2E.y6yquF/Chttdq0LW4aRg4lXLGeyreal 0m0.021suser 0m0.013ssys 0m0.009sroot@kali:~# time php -r 'echo password_hash("password",PASSWORD_BCRYPT,["cost"=>10])."\n";'$2y$10$93hm/BJuOA2r3nj.k1.RMeLMv0TfAeAAu1ehwmPoVso4Titpo96dmreal0m0.102suser0m0.094ssys0m0.008sroot@kali:~#root@kali:~# time php -r 'echo password_hash("password",PASSWORD_BCRYPT,["cost"=>16])."\n";'$2y$16$sF9IkXGi10Blt3Ds4l2MGOWaDuRs6aiJKuhwBCKoqC5OOtbujqJwKreal 0m4.623suser 0m4.619ssys 0m0.004sroot@kali:~#哈希加不加盐的差异
MD5、SHA1、SHA512这些哈希算法是不带盐的,以是同时破解1个哈希跟1万、1亿个所耗费的韶光实在差不多,仅仅是由于占用过多内存及磁盘带来些许的影响。但对付加了盐的bcrypt算法来说,每多一个哈希就多花一份韶光,如果破解1个哈希花一天韶光,那100个就要花100天。详细我就不在这里演示了,能融会就不言传了:)
除此之外,MD5、SHA1等非加盐算法还有个致命的弱点,即随意马虎被彩虹表破解。彩虹表是利用索引技能存储密码跟哈希值对应关系的数据表,须要破解哈希时只需去查询彩虹表便能很快获取结果,而不用花费巨大的算力去破解。
总之,MD5/SHA1/SHA5的算法在高算力面前没什么抵抗力,跟加盐算法比较要更随意马虎被破解。以是,建议不要再利用MD5/SHA了,PHP请利用password_hash函数,而Java则改用PBKDF2WithHmacSHA1等加盐算法。
#网络安全#
#PHP#
#Java#
