Click here to Skip to main content
15,868,141 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
Hello,

We have one ASP.NET web application which is build in .net framework 4.5 version. Currently on production this application is using SHA1 encrption alogorith.This alogorithm is set in "MachineKey" tag of application's web.config file. This applicaion uses Asp.Net Membership concept for maintaining Login credentials.

As the SHA1 alogorith is on verge of degradation so we want to update our application from SAH1 to SHA2. For this we have set "HMACSHA256" in "MachineKey" tag of application's web.config file.

After upgrading our application to SHA2 with above settings, we expect that the older users passwords(which was encrypted using SHA1 and already present in memebership database) will not work with SHA2 alogorithm. But it allows older users to login without any modification in previously encrypted password.

Can you please help us on following questies related to SHA1 to SHA2 migration:

Question 1 : Does the changes made in "MachineKey" tag of application's web.config file is enough/recommended for this migration?

Question 2 : As we are still able to login into the application using previosuly encrpted passwords, does the memebership database really uses the SHA2 encrption set in web.config file? Or we need to add some additional settings to enable SHA2 encrption on memebership database level? Please advice.

Please suggest if there is any best way to enable SHA2 encrption on Memebership database level.

Thanks,
Riz
Posted
Updated 21-Jan-16 5:27am
v2
Comments
Sergey Alexandrovich Kryukov 21-Jan-16 11:13am    
SHA1 and SHA2 are cryptography families of algorithm, but they don't do "encryption". This is the key. You can upgrade the algorithms, but old passwords should be kept based on the old one. You can only ask the users to re-define all passwords.
—SA

Despite the fact that Sergey brings up in his comment to your question, the task is still very tough to be performed for an actively used application. I would assume that you meant to say, "SHA1" hashing algorithm. Encrypting using SHA1 would be as if you only want encrypt, and not decrypt.

Now, the thing is, that your passwords are hashed using SHA1 algorithm, keep it that way! Even if you want to upgrade your systems to SHA2 based algorithms, your users won't be happy. Due to many reasons:

1. You cannot change their passwords on your own, because you cannot revert the hash. If you knew their passwords, then the purpose hashing is unknown.
2. Their would be a conflict between password hashing of both the types. SHA1 and SHA2.
3. SHA2 is also going to fade away (as in your calculation!), SHA-3[^] is coming in hot.

Now, to answer your problem here. There is only one thing you can do, ask your users to update their passwords! It would be same as "updating" the passwords, once they have forgotten it. But only this time, you will allow them to enter their previous passwords as a security concern.

1: Updating the application's architecture, without prior and proper understanding of the side effects. I won't go up with updating just web.config to overcome this problem.

2: You would need to hold SHA1 digests for your current users and manage SHA2 digests for the rest. What I would suggest is that you create an extra field to hold "IsSHA2" and then check either one of them.

Otherwise, you can ask your users to update their previous passwords and update them to SHA2 digests.
 
Share this answer
 
v2
Comments
Sergey Alexandrovich Kryukov 21-Jan-16 11:38am    
My 5, but I don't understand why your wrote "Despite the fact that Sergey brings up...". It's not "despite".

In fact, after my comment to the question, before you posted your answer, I wrote exact recipe for what should be done. If I'm not much mistaken, you suggest the same thing (except SHA-3 which is probably a good idea, but I hope SHA-2 is still good enough). Probably, this is because this is the only valid course of action.

Please see Solution 2.

—SA
rizdplex 22-Jan-16 4:57am    
Thanks for all your valuable comments, Our application is acessed across by millons users, practically migrating them would be a long time process and that happen with time as application is used. And your comments are going to be helpful.

Would like to elaborate part of the question depending upon the feedback you have provided
"After upgrading our application to SHA2 with above settings, we expect that the older users passwords(which was encrypted using SHA1 and already present in memebership database) will not work with SHA2 alogorithm. But it allows older users to login without any modification in previously encrypted password.  "

the application uses Asp.net Membership concept for mantaining login credentials, after specifying SHA2 as algorithm to be used for authenticating the user ideally depending upon feedback from your side it should not allow login but to out strange it allows old passwords hashed using SHA1 sucessfully login into the application .
My question is what hashing algorithm does Asp.net Membership concept use for Hashing passwords.
Please see my comment to the question.

The key is: you are using cryptographic hash function calculated on passwords to store it for password-based authentication. And this is very good: you should never store passwords themselves. Only the user who created the password should know it, no one else. No matter what other information you have, what access to the system you have, if you don't know a password, you cannot restore it from the known hash function of it. Actually, this is the main purpose of cryptographic hash function: cryptographically feasible inversion of the hash function does not exist: Cryptographic hash function — Wikipedia, the free encyclopedia[^].

This is how it is different from encryption: with encryption, you can get original data if you have some key. With cryptographic hash function, this is infeasible and is not meant to happen. This is not encryption at all. However, strictly speaking, SHA-1 is found vulnerable and probably can be cracked (SHA-1 — Wikipedia, the free encyclopedia[^]), but it would be not loyal to your customers, and just ethically unacceptable. So, I think you don't have a choice; there is only one valid approach. I'll explain it…

You have to support two stored collections of password data. One should contain cryptographic hash function for the passwords of "old" users, already obtained based on SHA-1. Another one should be used for new users or, more exactly, the users who create new passwords, and that collection should be used on SHA-2. Moreover, you should encourage all the "old user" to re-define their passwords. They can setup the same password as before, it does not matter. Tell them that doing that is critically important. It will initiate the procedure of establishing a new password, so SHA-2 will be used and stored in the second, newer collection of password hash data. Hope with time all users will migrate to new collection of password hash data. Only then you will be able to get rid of SHA-1 completely.

—SA
 
Share this answer
 
v2
Comments
rizdplex 22-Jan-16 4:56am    
Thanks for all your valuable comments, Our application is accessed across by millions users, practically migrating them would be a long time process and that happen with time as application is used. And your comments are going to be helpful.

Would like to elaborate part of the question depending upon the feedback you have provided
"After upgrading our application to SHA2 with above settings, we expect that the older users passwords(which was encrypted using SHA1 and already present in membership database) will not work with SHA2 algorithm. But it allows older users to login without any modification in previously encrypted password.  "

the application uses Asp.net Membership concept for mantaining login credentials, after specifying SHA2 as algorithm to be used for authenticating the user ideally depending upon feedback from your side it should not allow login but to out strange it allows old passwords hashed using SHA1 successfully login into the application .
My question is what hashing algorithm does Asp.net Membership concept use for Hashing passwords.
Sergey Alexandrovich Kryukov 22-Jan-16 10:46am    
You are welcome.

Sorry, I can only elaborate what I wrote. Why would I elaborate something I did not? Sorry, your second paragraph looks gibberish to me. "We expect that the older... will not work with SHA2..." You should not expect. You should use what I advised. Have two sub-systems, older and newer. By a user name, detect which one should be used for a given user. I described the migration process. Is anything unclear? Are you going to accept the answer formally?

—SA

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900