Design and implementation scheme of secure login system

Safety | design

For WEB applications, it is important to secure logins. But most WEB systems are sending plaintext when they send a login password, so it's easy for intruders to hear passwords. Of course, SSL is a good way to implement secure connections, but in many cases we can't set the server to be a WEB server with SSL. Therefore, if you add a secure login mechanism to your login system, you can implement secure logons on a WEB server that does not have SSL.

To achieve secure logons, you can use the following two methods, one based on an asymmetric encryption algorithm and another based on the HMAC algorithm. Let's discuss each of these two methods separately.

RSA algorithm and ECC (elliptic curve encryption) algorithm are the most commonly used in asymmetric encryption algorithms. To use asymmetric encryption algorithm to achieve secure login, the first need in the client to the server to request a login page, the server generates public and private key, and then the public key with the login page passed to the client browser, when users enter the username password click Login, login page JavaScript The asymmetric encryption algorithm is invoked to encrypt the username and password with the public key. Then on the server side, then the server to decrypt with the private key, and then the database with the user name password to compare, if consistent, the login succeeds, otherwise the login failed.

It looks simple, but there are a few problems here. At present, the 1024-2048-bit key is considered to be safe in the RSA algorithm. If the key length is less than this length, it is considered that it can be cracked. However, this length exceeds the range of numerical operations allowed by the programming language itself, and it needs to be simulated to realize the large number operation. In the WEB system, if the client, through JavaScript to simulate a large number of operations, the efficiency will be very low, so in order to use such a key on the client to encrypt data, many browsers emit too long execution time, stop the warning. However, decryption or key generation time is longer relative to encryption. Although decryption and key generation are performed on the server side, if the server side is a scripting language such as PHP and ASP, they will also be difficult to work with. The key length requirement of ECC algorithm is lower than that of RSA algorithm, the 160-bit key length in ECC algorithm is considered equivalent to the security of 1024-bit key length in RSA algorithm. Although it is still involved in the simulation of the large number of operations, but the ECC algorithm's key length of the calculation is acceptable, but the ECC algorithm is more complex than the RSA algorithm, so it is difficult to achieve.

Symmetric encryption algorithm is much faster than asymmetric encryption algorithm, why not use symmetric encryption algorithm? Because the symmetric encryption algorithm requires the data sender and receiver to share a key, therefore, if the sender of the WEB system is the client browser to encrypt the password, you need to obtain the key from the server, but the transfer of the key may be monitored, encrypted after the data if also be heard at the same time, The intruder can then decrypt the encrypted information directly by using the key that the supervisor hears.

But if we do not use the encryption algorithm and hash algorithm to deal with the login password, can avoid being directly decrypted from the original text, but if the direct use of MD5 or SHA1 to the login password processing after the submission, once the intruder to monitor the hash after the password, you do not need to decrypt the original, Directly to the monitoring of the data submitted to the server, you can achieve the purpose of the invasion. Moreover, the current MD5 algorithm has been cracked, SHA1 algorithm is proved to be theoretically cracked, even if the use of offline collision, you can find the same password equivalent to the original cipher. So it is not feasible to use MD5 or SHA1 to hash the cipher directly.

But if you add a key to the hash algorithm, the situation is different. The HMAC algorithm does just that, let's look at how to implement a secure login with the HMAC algorithm. First, when the client requests a login page to the server side, server-side generated a random string, together with the login page sent to the client browser, when the user entered the user name password, the password used MD5 or SHA1 to generate hash value as the key, server-side sent random string as message data, Perform the HMAC operation. The results are then submitted to the server. The password that is entered by the user is hashed and then used as the key, not as a key, to ensure that the key is long enough and not too long. After the server side accepts the data submitted by the client, the random string stored on the server and the user's password are performed the same operation, then compared, and if the result is consistent, the login succeeds or the logon fails.

The random strings sent by the server at each request are different, so even if an intruder hears the random string and the encrypted submitted data, it cannot submit the same data again for verification. And the data can not be used to calculate the key, so it can not forge the login information.

So at present, the method of using HMAC algorithm to implement secure login system is the most feasible.