
Password hashing is crypto, too. Don't roll your own crypto.


I agree with this advice, even though I'm probably the worst offender. I have:

    - Rolled my own password library (linked elsewhere in this thread)
    - Rewritten an existing AES-CBC + HMAC-SHA-256 library to use a different
      underlying driver (mcrypt is basically a mummy at this point)
    - Done both of these things in PHP, which a lot of people assume
      is inherently incompatible with security

However, everything I've done in this vein has been passed before people who are far smarter than myself, to which I received no complaints. And I constantly seek out criticism from people who understand crypto too. (Aside: Most crypto people are dicks. But they mean well.)


One question: _Why?_

However many people have reviewed your code, far more people have reviewed libraries like bcrypt!


My code uses bcrypt. It's a wrapper around password_hash() and it also passes it through an authenticated encryption library.

When I said I wrote my own crypto code, I don't mean like something that belonged in a PHC entry.
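
The pattern described in the comment above (bcrypt through password_hash(), then authenticated encryption of the resulting hash), sketched as an added example that is not the commenter's library or code. The function names and key handling are hypothetical, and libsodium's secretbox stands in for the authenticated encryption library the thread does not name.

```php
<?php
declare(strict_types=1);

// Added illustration only. hashThenEncrypt() and decryptThenVerify() are
// hypothetical names; the key is assumed to live outside the database
// (for example in application config), so a database dump alone does not
// expose crackable bcrypt hashes.

function hashThenEncrypt(string $password, string $key): string
{
    // bcrypt via PHP's built-in API; salt and cost are embedded in the output.
    $hash = password_hash($password, PASSWORD_BCRYPT);

    // Fresh random nonce per record. secretbox is authenticated encryption,
    // so any modification of the stored value is detected on decrypt.
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = sodium_crypto_secretbox($hash, $nonce, $key);

    return base64_encode($nonce . $box);
}

function decryptThenVerify(string $password, string $stored, string $key): bool
{
    $raw = base64_decode($stored, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        return false; // malformed or truncated record
    }

    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);

    $hash = sodium_crypto_secretbox_open($box, $nonce, $key);
    if ($hash === false) {
        return false; // wrong key or tampered ciphertext
    }

    // Constant-time comparison against the recovered bcrypt hash.
    return password_verify($password, $hash);
}

// Constructed sample values, not taken from the thread.
$key    = sodium_crypto_secretbox_keygen();
$stored = hashThenEncrypt('correct horse battery staple', $key);

var_dump(decryptThenVerify('correct horse battery staple', $stored, $key));
var_dump(decryptThenVerify('wrong guess', $stored, $key));
var_dump(decryptThenVerify('correct horse battery staple', $stored, sodium_crypto_secretbox_keygen()));
```

All cryptographic work here is done by password_hash(), password_verify() and libsodium; the wrapper only sequences them and fails closed on malformed input.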



