[Glass] [squeak-dev] Re: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How to encrypt a password?

Ron Teitelbaum ron at usmedrec.com
Mon Feb 17 21:54:50 PST 2014



From: Mariano Martinez Peck

On Mon, Feb 17, 2014 at 10:15 PM, Mariano Martinez Peck
<marianopeck at gmail.com> wrote:

On Mon, Feb 17, 2014 at 7:25 PM, Ron Teitelbaum <ron at usmedrec.com> wrote:

Hi Mariano,


Before I give you an answer, you should never ever ever not even for any
reason, ever, did I mention ever, store a user's password.  You can hash a
password, which means you store the hash value of the password.  You can
make it more secure by salting the hash or embedding your own key to the
hash, or doing a number of other things.  But you should always store an
encrypted hash and never a recoverable password.  The way this works is that
your user knows the password and can generate a hash at any time that you
can compare.  You store the hash of the password to compare.  The reason for
this should be obvious.  You don't want anyone to have access to that
password.  Not even programmers.  Your program doesn't need it either since
the user can generate that hash for you at any time.  It really is all you
ever need to store.



Hi Ron,


Thanks for the advice. I have been warned about this in the past so I am NOT
using this for storing passwords. Instead, there are instVars from certain
objects that are "password protected" because they represent some sensible
data. So these fields need to be encrypted/decrypted. The user needs to
supply a password for editing/viewing them. These fields were
encrypted/decrypted with Blowfish. And the key for the blowfish is the "
SecureHashAlgorithm new hashMessage: aString" of the password used to
protect them...


Anyway.... I do need encrypt/decrypt and it should be fast. I have just
tried ARC4 and seems to be fast. I have a few questions:


- If I make the ARC4 key larger is it likely to be safer? 

- How does ARC4 compare to blowfish from security point of view? Is blowfish
much more secure or not that much?



mmm reading a bit more I would say ARC4 may not be the most accurate for my
case. Why? Because I may have many fields from many objects all being
protected with the same password (hence, same key for the ARC4). This may
affect ARC4 security, right? And even more that key is not a random stream
but a fixed one (the  " SecureHashAlgorithm new hashMessage: aString" of the
password they are protected with)....


The key needs to be random.  You should have a separate key for every type
of data you store.  If it is customer data then for each customer etc.  


There is a certificate solution you might consider.  Using public and
private keys would solve your problem.  You encrypt data with the users
public key and store it.  They can retrieve the data with their private key.
Data still needs to be encrypted in transit (TLS) but you eliminate the need
to protect the keys.  Platforms have a good way to do that already.  The
problem of course is that if the user loses their private key (computer
crash or something) the data is securely lost.  (lost until the time runs
out.  All encrypted data has a shelf life.  Until the encryption is
eventually broken or computing gets so fast the key length is too short to
keep it secret).  


The best way to accomplish this is to store the key itself encrypted with
the users public key.  Then you salt and store your data using that key with
AES.  You send the data to the user (using TLS) along with the key and they
decrypt the AES key (using their certificate private key) then decrypt the
data with that key using AES.


One thing that might be obvious now is that you are basically implementing
SSL to be used over SSL.  J 


You could also consider using a database with security built in.  Then you
could use the db security to handle all of this for you. 


All the best,

Ron Teitelbaum





Thanks in advance!


If you are looking for a simple cypher for something other than a password
how about ARC4 from www.squeaksrouce.com/Cryptography 


|key cText pText|

key := SecureRandom picker nextBits: 254. 

cText := (ARC4 new key: key) encrypt: 'This is a very secure but meaningless
string' asByteArray.

pText := (ARC4 new key: key) decrypt: cText.

^pText asString

'This is a very secure but meaningless string'


It's pretty simple.  To get the plainText back all you need is the key.  


All the best,


Ron Teitelbaum


From: Pharo-dev [mailto:pharo-dev-bounces at lists.pharo.org] On Behalf Of
Mariano Martinez Peck
Sent: Monday, February 17, 2014 4:17 PM
To: Pharo Development List; glass at lists.gemtalksystems.com; The
general-purpose Squeak developers list
Subject: [Pharo-dev] FFI blowfish for encrypting / decrypting [WAS] Re: How
to encrypt a password?



On Thu, Nov 21, 2013 at 3:53 PM, Paul DeBruicker <pdebruic at gmail.com> wrote:

Mariano Martinez Peck wrote

> Hi Paul, and just to be sure I understand...none of them could work as a
> two-way encryption, right?
> The only one is your Pharo's version of Blowfish but that only works with
> 8
> chars long. Is it like this? Or is there any other two-way encryption?
> Thanks!

> --
> Mariano
> http://marianopeck.wordpress.com

Yes that's right.  The PasswordHashingFFI stuff is all one way encryption.
Blowfish is two way, and the current implementation only works for 8 byte
chunks.  I stopped working on it when the Smalltalk bcrypt implementation I
wanted proved to be 5000x times slower than the FFI version. Someone needs
to add the CBC part to Blowfish to encrypt longer strings.  I do not know of
another in image two way encryption scheme, but there may be something in
the Cryptography repo.  I'm not sure.


Hi Paul,


Sorry for the cross posting. 


I was using the Smalltalk version of the Blowfish you did to encrypt and
decrypt things. But now I realize it is very very slow for the usage I need.
You seem to have faced the same problem. 


I am encrypting pieces of 8 characters long. But I wonder if the decryption
is available as well in FFI version? I see #ffiCrypt:with:   but nothing to


Thanks in advance 







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gemtalksystems.com/mailman/private/glass/attachments/20140218/8f816c4a/attachment-0001.html>

More information about the Glass mailing list