Bcrypt: Perbedaan antara revisi

Jelajahi riwayat secara interaktif

← Revisi sebelumnya

Konten dihapus Konten ditambahkan

VisualTeks wiki

Revisi per 8 April 2019 04.24 sunting AABot (bicara \| kontrib) Bot, Pengecualian blokir IP 913.306 suntingan k Bot: Perubahan kosmetika Tag: PAWS [1.2] ← Revisi sebelumnya		Revisi terkini sejak 12 Juni 2023 04.04 sunting balikkan AABot (bicara \| kontrib) Bot, Pengecualian blokir IP 913.306 suntingan k fix Tag: paws [2.2]
(7 revisi perantara oleh 6 pengguna tidak ditampilkan)
Baris 1: {{lowercase title}} '''bcrypt''' merupakan fungsi hashing kata sandi yang dirancang oleh dua orang peneliti keamanan komputer [https://www.provos.org/ Niels Provos] dan David Mazières, cipher [[Blowfish (penyandian)\|Blowfish]] adalah dasar pembuatan bcrypt, dan disajikan di USENIX pada tahun 1999. <ref name="provos">{{Cite journal\|last=Provos\|first=Niels\|last2=Mazières, David\|last3=Talan Jason Sutton 2012\|year=1999\|title=A Future-Adaptable Password Scheme\|url=http://www.usenix.org/events/usenix99/provos/provos_html/node1.html\|journal=Proceedings of 1999 USENIX Annual Technical Conference\|pages=81–92}}</ref> bcrypt dapat melindungi dari serangan [[Tabel pelangi\|rainbow table]] dengan mengunakan [[Salt (kriptografi)\|salt]], selain itu, bcrypt adalah fungsi adaptif: seiring waktu, jumlah iterasi dapat ditingkatkan untuk membuatnya lebih lambat, sehingga tetap aman terhadap serangan pencarian brute-force bahkan dengan meningkatnya daya komputasi. Fungsi bcrypt merupakan ~~algoritma~~algoritme hash password dasar untuk [[OpenBSD]] <ref name="original">{{Cite web\|url=//cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/bcrypt.c\|title=Commit of first work to repo\|date=13 Feb 1997}}</ref> dan sistem lain termasuk beberapa [[distribusi Linux]] seperti SUSE Linux . <ref>{{Cite web\|url=https://www.suse.com/support/security/advisories/2011_35_blowfish.html\|title=SUSE Security Announcement: (SUSE-SA:2011:035)\|date=23 August 2011\|archive-url=https://web.archive.org/web/20160304094921/https://www.suse.com/support/security/advisories/2011_35_blowfish.html\|archive-date=4 March 2016\|dead-url=yes\|access-date=20 August 2015\|quote=SUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.}}</ref> bcrypt dapat diimplementasikan pada bahasa pemrograman PHP, Python, JavaScript, C, C ++, C #, Go, <ref>{{Cite web\|url=https://godoc.org/golang.org/x/crypto/bcrypt\|title=Package bcrypt\|website=godoc.org}}</ref> Java, <ref>{{Cite web\|url=http://www.mindrot.org/projects/jBCrypt/\|title=jBCrypt - strong password hashing for Java\|website=www.mindrot.org\|language=en\|access-date=2017-03-11}}</ref> <ref>{{Cite web\|url=https://github.com/patrickfav/bcrypt\|title=bcrypt - A Java standalone implementation of the bcrypt password hash function\|website=github.com\|language=en\|access-date=2018-07-19}}</ref> Elixir, <ref>{{Cite web\|url=https://github.com/riverrun/bcrypt_elixir\|title=Bcrypt Elixir: Bcrypt password hashing algorithm for Elixir.\|last=Whitlock\|first=David\|website=GitHub\|publisher=riverrun}}</ref> Perl, <ref>{{Cite web\|url=https://github.com/pyca/bcrypt/\|title=bcrypt: Modern password hashing for your software and your servers\|last=Stufft\|first=Donald\|publisher=}}</ref> Ruby dan bahasa lain▼ == Algortima == <span data-segmentid="94" class="cx-segment">Algoritme bcrypt adalah hasil dari enkripsi teks ''"OrpheanBeholderScryDoubt"'' 64 kali menggunakan [[Blowfish (penyandian)\|Blowfish]] .</span> <span data-segmentid="96" class="cx-segment">Dalam bcrypt fungsi biasa key setup pada Blowfish digantikan dengan fungsi expensive key setup (EksBlowfishSetup)</span> '''Function''' bcrypt '''Input:''' cost: Number (4..31) log<sub>2</sub>(Iterations). e.g. 12 ==> 2<sup>12</sup> = 4,096 iterations salt: array of Bytes (16 bytes) random salt password: array of Bytes (1..72 bytes) UTF-8 encoded password '''Output:''' hash: array of Bytes (24 bytes) //Initialize Blowfish state with expensive key setup algorithm ''state'' <- EksBlowfishSetup(''cost'', ''salt'', ''password'') //Repeatedly encrypt the text "OrpheanBeholderScryDoubt" 64 times ''ctext'' <- ''"OrpheanBeholderScryDoubt"'' //24 bytes ==> three 64-bit blocks '''repeat''' (64) ''ctext'' EncryptECB(''state'', ''ctext'') //encrypt using standard Blowfish in ECB mode //24-byte <- ''ctext'' is resulting password hash '''return''' Concatenate(''cost'', ''salt'', ''ctext'') === Expensive key setup === Algoritme bcrypt sangat bergantung pada algoritme key setup "Eksblowfish", berikut algoritmanya: '''Function''' EksBlowfishSetup '''Input:''' cost: Number (4..31) log<sub>2</sub>(Iterations). e.g. 12 ==> 2<sup>12</sup> = 4,096 iterations salt: array of Bytes (16 bytes) random salt password: array of Bytes (1..72 bytes) UTF-8 encoded password '''Output:''' state: opaque BlowFish state structure ''state'' <- InitialState() ''state'' <- ExpandKey(''state'', ''salt'', ''password'') '''repeat''' (2<sup>''cost''</sup>) ''state'' <- ExpandKey(state, 0, password) ''state'' <- ExpandKey(state, 0, salt) '''return''' ''state'' === Expand key === Berikut algoritme fungsi ExpandKey '''Function''' ExpandKey(''state'', ''salt'', ''password'') '''Input:''' state: Opaque BlowFish state structure Internally contains P-array and S-box entries salt: array of Bytes (16 bytes) random salt password: array of Bytes (1..72 bytes) UTF-8 encoded password '''Output:''' state: opaque BlowFish state structure //Mix password into the internal P-array of ''state'' '''for''' ''n'' <- 1 '''to''' 18 '''do''' P<sub>n</sub> <- P<sub>n</sub> xor ''password''[32(n-1)..32n-1] //treat the password as cyclic //Encrypt state using the lower 8 bytes of salt, and store the 8 byte result in P<sub>1</sub>\|P<sub>2</sub> ''block'' <- Encrypt(''state'', ''salt''[0..63]) P<sub>1</sub> <- ''block''[0..31] //lower 32-bits P<sub>2</sub> <- ''block''[32..63] //upper 32-bits //Continue encrypting state with salt, and storing results in remaining P-array '''for''' ''n'' <- 2 '''to''' 9 '''do''' ''block'' <- Encrypt(''state'', ''block'' '''xor''' ''salt''[64(n-1)..64n-1]) //encrypt using the current key schedule and treat the salt as cyclic P<sub>2n-1</sub> <- ''block''[0..31] //lower 32-bits P<sub>2n</sub> <- ''block''[32..63] //upper 32-bits //Mix encrypted state into the internal S-boxes of ''state'' '''for''' ''i'' <- 1 '''to''' 4 '''do''' '''for''' ''n'' <- 0 '''to''' 127 '''do''' ''block'' <- Encrypt(''state'', ''block'' '''xor''' ''salt''[64(n-1)..64n-1]) //as above S<sub>i</sub>[2n] <- ''block''[0..31] //lower 32-bits S<sub>i</sub>[2n+1] <- ''block''[32..63] //upper 32-bits '''return''' ''state'' ▲bcrypt dapat diimplementasikan pada bahasa pemrograman PHP, Python, JavaScript, C, C ++, C #, Go, <ref>{{Cite web\|url=https://godoc.org/golang.org/x/crypto/bcrypt\|title=Package bcrypt\|website=godoc.org}}</ref> Java, <ref>{{Cite web\|url=http://www.mindrot.org/projects/jBCrypt/\|title=jBCrypt - strong password hashing for Java\|website=www.mindrot.org\|language=en\|access-date=2017-03-11}}</ref> <ref>{{Cite web\|url=https://github.com/patrickfav/bcrypt\|title=bcrypt - A Java standalone implementation of the bcrypt password hash function\|website=github.com\|language=en\|access-date=2018-07-19}}</ref> Elixir, <ref>{{Cite web\|url=https://github.com/riverrun/bcrypt_elixir\|title=Bcrypt Elixir: Bcrypt password hashing algorithm for Elixir.\|last=Whitlock\|first=David\|website=GitHub\|publisher=riverrun}}</ref> Perl, <ref>{{Cite web\|url=https://github.com/pyca/bcrypt/\|title=bcrypt: Modern password hashing for your software and your servers\|last=Stufft\|first=Donald\|publisher=}}</ref> Ruby dan bahasa lain == Referensi == {{reflist}} {{Hash kriptografi}} [[Kategori:Perangkat lunak kriptografi]]