summaryrefslogtreecommitdiff
path: root/util/sql
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2014-10-15 14:20:56 +0200
committerYorhel <git@yorhel.nl>2014-10-15 14:20:56 +0200
commit6e0a0e1d00e11da9b4eab2163e19314f752b05b5 (patch)
treea65e4b62d81d395c9988f7045b4e83deec8b2485 /util/sql
parent13e967810a8b336164d22167bb047ad1dbb5a836 (diff)
Use scrypt for new password hashes
I increased the N parameter to approximate about 500ms to generate the hash. This is quite a paranoid setting for a website, but login attempts are throttled so there's not much of a DoS factor. (Alright, password changing feature isn't throttled so the DoS factor still exists. But really, there's some pages with longer page generation times anyway.) I did lower the size of the salt a bit (Crypt::ScryptKDF uses 256 bits by default), because 64 bits of randomness should have low enough chance of collision with only ~100k users (even with a million users, seriously).
Diffstat (limited to 'util/sql')
-rw-r--r--util/sql/schema.sql8
1 files changed, 7 insertions, 1 deletions
diff --git a/util/sql/schema.sql b/util/sql/schema.sql
index 09b334f9..32561dc9 100644
--- a/util/sql/schema.sql
+++ b/util/sql/schema.sql
@@ -368,9 +368,15 @@ CREATE TABLE users (
-- First 9 bytes: salt (ASCII)
-- Latter 20 bytes: sha1(hex(token) + salt)
-- 'token' is a sha1 digest obtained from random data.
- -- * 41 bytes: Hashed/salted password
+ -- * 41 bytes: sha256 password
-- First 9 bytes: salt (ASCII)
-- Latter 32 bytes: sha256(global_salt + password + salt)
+ -- * 46 bytes: scrypt password
+ -- 4 bytes: N (big endian)
+ -- 1 byte: r
+ -- 1 byte: p
+ -- 8 bytes: salt
+ -- 32 bytes: scrypt(passwd, global_salt + salt, N, r, p, 32)
-- * Anything else: Invalid, account disabled.
passwd bytea NOT NULL DEFAULT '',
registered timestamptz NOT NULL DEFAULT NOW(),