RubyGems.org

fshp

0.2.1

FSHP: Fairly Secure Hashed Password =================================== What is FSHP? ————- Fairly Secure Hashed Password (FSHP) is a salted, iteratively hashed password hashing implementation. Design principle is similar with PBKDF1 specification in RFC 2898 *(a.k.a: PKCS #5: Password-Based Cryptography Specification Version 2.0)* FSHP allows choosing the salt length, number of iterations and the underlying cryptographic hash function among SHA-1 and SHA-2 (256, 384, 512). Security ——– Default FSHP1 uses 8 byte salts, with 4096 iterations of SHA-256 hashing. - 8 byte salt renders rainbow table attacks impractical by multiplying the required space with 2^64. - 4096 iterations causes brute force attacks to be fairly expensive. - There are no known attacks against SHA-256 to find collisions with a computational effort of fewer than 2^128 operations at the time of this release. Implementations ————— - Python: Tested with 2.3.5 *(w/ hashlib)*, 2.5.1, 2.6.1 - Ruby : Tested with 1.8.6 - PHP5 : Tested with 5.2.6 - Java : Tested with 1.4, 1.5, 1.6. Dependency: Apache Commons - Codec (Base64) - Perl : Tested with 5.8.8 Everyone is more than welcome to create missing language implementations or polish the current ones. Basic Operation ————— >> require 'fshp' => true >> hashed_pw = FSHP.crypt('OrpheanBeholderScryDoubt') => "{FSHP1|8|4096}UNQMw/aTKD3VIorr9ygHQ/T6WBUwJV/mTxlxxvrpTyL7EWnCQkAO1Q==" >> FSHP.check('OrpheanBeholderScryDoubt', hashed_pw) => true Customizing the Crypt ——————— Let's set a higher password storage security baseline. - Increase the salt length from default 8 to 16. - Increase the hash rounds from default 4096 to 8192. - Select FSHP3 with SHA-512 as the underlying hash algorithm. >> hashed_pw = FSHP.crypt('ExecuteOrder66', nil, 16, 8192, 3) => "{FSHP3|16|8192}pY79Bp1caqcdGE1eTJzktt7urYrQAcdBWiY6x0CkNI0Ren+sQq7YO7YRexxlx166j6tVIAPA07DuHxfUP/JvKfjX8r/9ZfVBy//ON32dHQA="
installgem install fshp -v 0.2.1
Authors

Berk D. Demir

3,186 total downloads 1,528 for this version
Owners

Bd325b84bb0dbcfe953ed6543509f39b

Gemfile
gem 'fshp', '~> 0.2.1'
Versions
  1. 1.0.0 February 23, 2009 (6.5 KB)
  2. 0.2.1 February 1, 2009 (5.5 KB)