I'm creating a website using ASP.NET 4.5 and C# for the code behind. I have a sql database with user logins and passwords. I've encrypted the password using salt values and hashes which are plainly visible in the code behind. I can't see them when I view the source of the published website, but is this a secure method? Can this somehow be decompiled?

I can't think of a way to encode the ultimate salt values, hashes, etcs in the code file that eventually would need to be in plaintext for the site to automatically access the databases it needs to. Is this concern even necessary?

ALSO: I also have the connection string to the database in plaintext in the web.config file. Is that secure? I've read knowledge base articles on how to encrypt this using utilities on the web server but ultimately this site will probably be hosted so I won't have access to those utilties. The website has to get this info from somewhere automatically so it can read all the info it needs. Maybe I'm making a big deal out of nothing, but I'd like the database to be secure. Thanks in advance.

9/28/2012 12:34:43 AM

http://en.wikipedia.org/wiki/Avalanche_effect
!=
http://en.wikipedia.org/wiki/Encryption

9/28/2012 1:47:56 AM

Can you clarify what you mean when you say the salt values and hashes are in the code? I'm no expert, but I'm pretty sure you generally store each account's salt in the database (since you'll need it to verify their password).

9/28/2012 6:23:49 AM

Right now I just have a static salt value, instead of one for each password. That can easily be changed though. I read about concatenating the salt to the password but them I'm not sure how then I would be able to get the salt value out of the string later.

So let me be explicit about what I currently have. I have a login.aspx with a form to login. Behind that I have a login.aspx.cs with my server-side code. I also have a Crypto class with static functions for encrypting and decrypting. These functions take just plaintext strings for the salt values, init vectors, etc.

My login.aspx.cs currently just has these parameters as plaintext strings. The user's password has been encrypted using these parameters and resides in the database in cryptotext. I don't have the user's password in plaintext anywhere, but in my code file is the information one would need to decrypt it.

I'm just not sure how visible this code is when the website is published.

9/28/2012 8:48:43 AM

Quote :

"Right now I just have a static salt value, instead of one for each password."

Well, that's your first problem. If your code was to be compromised along with your database, your passwords are as good as cracked. How would code be compromised? I'm not seeing the decompilation angle.... unless they get access to your server.

Quote :

"I don't have the user's password in plaintext anywhere, but in my code file is the information one would need to decrypt it."

I'm not sure I understand. You, as a developer, should never be able to decrypt the user's passwords.

Quote :

"Right now I just have a static salt value, instead of one for each password. That can easily be changed though. I read about concatenating the salt to the password but them I'm not sure how then I would be able to get the salt value out of the string later."

Now I'm really confused. What I'm expecting is: hash = HASH-FUNCTION(salt + password)

Then save hash in the database (and salt also if it's unique). If you're doing something different, can you provide pseudocode?

[Edited on September 28, 2012 at 10:27 AM. Reason : asdfasdf]

9/28/2012 10:24:35 AM

I think you're right about the code being safe unless the server is compromised (at which point we've got bigger problems).

However, you touched on what I think is a methodology problem on my end.

Let's say: A user logs into my website to set up an account. They type in a password (masked or whatever) to submit to my application to put it in the database.

So at this point, I need to use a function to encrypt it and then save it into the database and have some way to decrypt it later when they try to log in. How would I achieve this without "knowing how to encrypt/decrypt it?"

As far as psuedocode what i'm doing now is essentially this.

user_password = <whatever the user typed in..plaintext>
salt = "somestaticstring"
initVector = "someotherstaticstring"
password = "yetanotherstaticstring"

InsertIntoDatabase(Encrypt(user_password, salt, initVector, password))

Then when the user logs in to check their password:

Decrypt(cryptotextFromDatabase, salt, initVector, password)

-------------------------------------------------------------
I'm sure there's a better way to do this, and as you suggest a way that means I never get to see their password. Just trying to wrap my head around how.

9/28/2012 11:03:37 AM

What CaelNCSU was getting at: cryptographic hash functions
http://en.wikipedia.org/wiki/Cryptographic_hash_function

You want to hash the password instead of encrypting it. For all intents and purposes, it's a one way function. You can't easily decrypt (or reverse) the result.

The way you check their password when they login is you hash their password again and see if the result is what you have saved. But you still never have a way to get their password from what you have stored in the database.

I'm not sure what your functions are doing internally, but it really is as simple as the pseudocode I supplied.

Also, why we're on the subject you may want to choose a slow hashing function such as bcrypt:
http://codahale.com/how-to-safely-store-a-password/

9/28/2012 11:30:47 AM

Quote :

"Can this somehow be decompiled"

look at the dlls with reflector or justdecompile. beyond that, somebody would have to look at the dlls with a hex editor, which makes it hard to find anything valuable like your hash unless you know where to look


more generally, the password hashing info others are talking about are things you should also consider, but i think what i just said addresses your concern about somebody decompiling your code

[Edited on September 28, 2012 at 12:36 PM. Reason : .]

9/28/2012 12:35:24 PM

Thanks for the info all. I'll hang onto my crypto class in case I want to encrypt/decrypt anything else.

But wait, I have a question:

Quote :

"You want to hash the password instead of encrypting it. For all intents and purposes, it's a one way function. You can't easily decrypt (or reverse) the result. "

How do I do this without ever getting their password in plaintext? They're inputting it into a field in a webpage and I'll have to get the data out of that field in order to hash it and compare the hash. At some point, won't I have to "have their password" in plaintext?

[Edited on September 28, 2012 at 2:05 PM. Reason : .]

9/28/2012 2:02:53 PM

Of course you'll "have their password" temporarily. There's no way around that.

Does that lead to a concern of some sort?

9/28/2012 3:05:24 PM

Nope, not really. You were just saying as the developer I should never be able to decrypt their password. Kind of a moot point to me since they're sending it to me in plaintext. I'll implement a one way hash though.

9/28/2012 3:34:46 PM

The point is you should never have a record of their password in plaintext. If you ever click a lost password link on a site and get your password emailed back to you, that's a big problem.

9/29/2012 11:04:47 AM