Issue 366 in freemedforms: Password hashing is too weak


freeme...@googlecode.com

Jul 27, 2014, 6:22:14 AM
to freemedf...@googlegroups.com
Status: New
Owner: eric.mae...@gmail.com
CC: con...@medecinelibre.com
Labels: Type-Enhancement Priority-Critical Milestone-Release0.9.0
Component-FreeMedForms Security Maintainability

New issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was created by revision 11c26abf41fa.

>>> >> SHA-1 (used by FMF in /libs/utils/global.cpp to hash password) is a
>>> >> message digest, not a secure password hashing algorithm.
>>> >> see:
>>> http://www.infosecurity-magazine.com/view/14059/sha1-crypto-protocol-cracked-using-amazon-cloud-computing-resources/

The main problem was that Qt4.x only includes the Md4, Md5 and SHA1 hashing
methods. Qt5 introduces many more (SHA256).

Qt4.8 (default Qt version in wheezy & still in sid)

http://qt-project.org/doc/qt-4.8/qcryptographichash.html

Qt5.3 (available in wheezy and sid)

http://qt-project.org/doc/qt-5/qcryptographichash.html

The password hashes are stored in the FMF user database.
We can store passwords in a prefixed string like this:

<sha1-hash> // for old compatibility
<method>:<method-hash> // updated password hash

Eg:
sha256:<sha256-hash> // updated sha256
sha512:<sha512-hash> // updated sha512

This will break backward compatibility with a previous version in case of
problems, as versions <= 0.9.0 will not be able to check the passwords of
users using a hashing method other than SHA1.

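The storage scheme proposed in the issue, as an added example that is not part of the FreeMedForms code base: a Python model of the `<method>:<hex>` format with the unprefixed legacy SHA-1 fallback, and of the per-build set of available methods (the Qt4-like and Qt5-like tuples are assumptions standing in for what QCryptographicHash offers), so that an older build reports "cannot check" rather than a false mismatch on an entry it does not understand. As the quoted report says, these are all message digests; the example models the migration format, not a salted password hashing scheme.

```python
import hashlib
import hmac

# Methods a given build can offer (assumption: the issue says Qt4.8 has only
# Md4/Md5/SHA1, Qt5 adds SHA256 and more; MD4/MD5 are left out on purpose).
METHODS_QT5 = ("sha1", "sha256", "sha512")
METHODS_QT4 = ("sha1",)


def hash_password(password, method="sha256", available=METHODS_QT5):
    """Return the '<method>:<hex-digest>' form proposed in the issue."""
    if method not in available:
        raise ValueError("hash method %r not available in this build" % method)
    digest = hashlib.new(method, password.encode("utf-8")).hexdigest()
    return "%s:%s" % (method, digest)


def parse_stored(stored):
    """Split a stored value into (method, hex). No prefix means legacy SHA-1."""
    if ":" not in stored:
        return "sha1", stored
    method, _, digest = stored.partition(":")
    return method.lower(), digest


def verify_password(stored, password, available=METHODS_QT5):
    """Return (verified, needs_rehash).

    verified is None when this build does not know the stored method, which is
    the situation a <= 0.9.0 client is in when it meets a sha256 entry: it must
    not treat that as a wrong password, it simply cannot check it.
    """
    method, digest = parse_stored(stored)
    if method not in available:
        return None, False
    candidate = hashlib.new(method, password.encode("utf-8")).hexdigest()
    ok = hmac.compare_digest(candidate, digest.lower())
    # A legacy unprefixed SHA-1 entry should be rewritten in the new format
    # after a successful login so the database converges on '<method>:<hex>'.
    return ok, ok and ":" not in stored
```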

freeme...@googlecode.com

Jul 27, 2014, 5:02:02 PM
to freemedf...@googlegroups.com

Comment #3 on issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was updated by revision 18fe4c1e200d.

Password encryption: correcting Qt5 code (unit-tests)

freeme...@googlecode.com

Jul 27, 2014, 7:00:11 PM
to freemedf...@googlegroups.com

Comment #7 on issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was updated by revision f1a8970aa4c8.

Unit-testings

freeme...@googlecode.com

Jul 27, 2014, 7:02:12 PM
to freemedf...@googlegroups.com

Comment #4 on issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was updated by revision 660a95e7b7fa.

Renaming member: Utils::crypt -> Utils::nonDestructiveEncryption

freeme...@googlecode.com

Jul 27, 2014, 7:03:12 PM
to freemedf...@googlegroups.com

Comment #5 on issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was updated by revision 40ad16fb9a9c.

Password encryption: better definition of available algorithm, unit-tests

freeme...@googlecode.com

Jul 27, 2014, 7:04:12 PM
to freemedf...@googlegroups.com

Comment #6 on issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was updated by revision 3cbbb083c4de.

Using the new Password encryption method in the code
/!\ User connection not fully tested

freeme...@googlecode.com

Jul 27, 2014, 7:07:13 PM
to freemedf...@googlegroups.com
Updates:
Status: Started

Comment #8 on issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was updated by revision 11f2510faf76.

We now need some testing of migrating the user database from 0.9.0 to the
current development version.
Tests should include SQLite & MySQL configurations.

freeme...@googlecode.com

Jul 28, 2014, 3:33:57 PM
to freemedf...@googlegroups.com

Comment #9 on issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was updated by revision c22414e53ed2.

FIXME: Tag userbase version

freeme...@googlecode.com

Jul 29, 2014, 3:35:50 PM
to freemedf...@googlegroups.com

Comment #10 on issue 366 by eric.mae...@gmail.com: Password hashing is too weak
http://code.google.com/p/freemedforms/issues/detail?id=366

This issue was updated by revision 106735793776.

Tagging user database version with the running Qt version.
This is required for the password hashing.
Check compatibility with database/running Qt versions.