Does Salesforce support using a salt while hashing a value?

I know I can do a regular SHA-256 hash in Salesforce with the following code:
Blob digest = Crypto.generateDigest('SHA-256', Blob.valueOf(valueToHash));
But am I correct that Salesforce doesn't support any salts with hashing? Any workarounds suggested?

Related

Is it safe to hash password using SHA-256 and then hash it using slower algorithm?

I am creating an application that uses PostgreSQL and I want to hash passwords on the database server. Documentation says bf algorithm can't handle passwords longer than 72 characters. Is it safe to hash a password using SHA-256 and then hash it using the bf algorithm?
I am going to use something like crypt(sha256_as_hex(password), salt) (in pseudocode). Is it OK?

PBEWITHSHA256AND256BITAES-CBC-BC clarification

We are using PBEWITHSHA256AND256BITAES-CBC-BC algorithm for encrypting data.
What is the role of SHA-256 here?
Most of the forums state that PBKDF2 is a key derivation function? Does that use any algorithm internally to convert digest the plain text?

Bcrypt decryption fundamental

What does salt mean in bcrypt hashing?
Can I retrieve plain text from salt and hash?
Is there any online websites or tools to decrypt bcrypt hash correctly?
Thanks, my dear friend.
The point of hashing is creating input => output transform that's hard to reverse.
The point of salting the input is to prevent identical inputs from getting the same output by adding some random portion to input sequence before hashing.
So no, you cannot retrieve plain text from salt and hash (other than brute forcing or exploiting, if any, vulnerability of bcrypt algorithm or its implementation).

How can I Decrypt the code which is Encrypted by md5 method in PostgreSQL

How can I decrypt the code which is encrypted by the md5 method in PostgreSQL?
e.g. md5("logesh") returns '82e05c4839aba7c637881489bec50dd1'
How can I decrypt this code?
You can't. MD5 isn't encryption. It's a one-way cryptographic hash function. With enough compute power and/or storage you can brute force md5 to figure out what the plaintext might have been but it's only one possible plaintext for that hash. It's designed to be both slow and difficult to reverse, and impossible to reverse 1:1. There are known MD5 collisions.
PostgreSQL's use of "encrypt" in WITH ENCRYPTED PASSWORD is somewhat incorrect, it should really be WITH HASHED PASSWORD. But too late to change it now.
If you want encryption look into pgcrypto which offers AES-128 routines, etc. Or do your encryption and decryption client-side where key exposure in logs, pg_stat_statements etc isn't such a concern.

postgresql des encrypt

I have an Oracle database to move to a new PostgreSQL server.
Some tables have sensitive fields, and those are all encrypted through DBMS_OBFUSCATION_TOOLKIT.DESENCRYPT/DESDECRYPT.
The problem is here. The size of PostgreSQL's encrypted data (bytea type) should be the same as Oracle's.
I tried to get it done with aes (encrypt/decrypt), which takes almost three times more space than the raw data. (Oracle takes 16 bytes with the des algorithm, PostgreSQL takes 33 bytes with aes, and the raw data is 13 bytes.)
I tried the PostgreSQL crypt also, but the manual doesn't mention the way of decrypting it back limiting 8byte of raw data size.
Now I really need an encryption method which produces as small an encrypted data size as possible and provides a decrypt method also.
Is there a good way or the other options for me???
Thanks in advance.
Crypt and DES are old cyphers and should not be used
Plain old DES is an obsolete algorithm. You can't really usefully compare it to AES128; it's like complaining that a SHA256 hash is bigger than an MD5 hash - yep, it is, but only one of them might slow the attacker down for a while. DES was widely considered weak even in 1999 and should never be used in new applications. Do not use it.
I don't think it's a good idea to seek an encryption method that "provides the smallest data size possible" - because it's basically a waste of time to encrypt data using DES. Why not use ROT13 (caesar cypher)? The "encrypted" result is the same size as the input, pity the encryption can be broken by a 3-year-old.
crypt is of a similar vintage. The old UNIX crypt hashing algorithm is ... elderly ... and totally unsuitable for any new application. Hashes should be SHA256 at minimum, really.
Crypt is a one-way hash
As for not being able to figure out how to decrypt crypted data: crypt isn't an encryption algorithm, it's a cryptographic hash function or "one way hash". One way hashes are suitable for verifying that data is unmodified, comparing to a stored salted hash for password authentication, for use in challenge-response authentication, etc. You cannot decrypt crypted data.
Deal with the size
Use a decent cryptographic function and live with the size increase. bf or aes128 are about the weakest you can reasonably use.
Personally I prefer to do my encryption/decryption in the app, not in the DB. If it's done in the DB the keys can be revealed by pg_stat_statements, in the logs by log_statement or errors, etc. Better that the key never be in the same place as the stored data at all.
Most programming languages have good cryptographic routines you can use.
It's hard to offer any more advice as you haven't really explained what you're encrypting, why, what your requirements are, what the threat(s) are, etc.
Passwords?
If you're storing passwords, you're probably doing it wrong.
If possible, let someone else do the authentication:
OAuth or OpenID for Internet
SSPI, Kerberos/GSSAPI, Active Directory, LDAP bind, SASL, HTTP DIGEST, etc for intranet
If you really must do the auth yourself, add a salt to the passwords and hash the result. Store the hash and the salt. When you must compare passwords, salt the new plaintext from the user with the same salt you used for the stored hash, hash the new password+salt, and see if the hash is the same as what you stored. If it is, they gave the right password.
You almost certainly don't need to recover cleartext passwords. Implement a secure password reset instead. If you really, really must, use a decently secure algorithm like aes to encrypt them and think carefully about key storage and management. See other posts on SO about key storage/management with pgcrypto.
See also:
Secure method for storing/retrieving a PGP private key and passphrase?
Depending on how your postgresql was built, it may have DES support in the pgcrypto module. It depends on if Postgres was configured with OpenSSL support as it relies on OpenSSL to do DES (while with other more modern algorithms it implements them itself).
PGCrypto Algorithms
If openssl support was included and you specify DES as the algorithm to encrypt and decrypt, the data should be the same as you get from Oracle (although you may need to specify padding options).
As Craig says though, the DES algorithm is weak and one of the reasons it is weak is because the output ciphertext is so small.