Skip to main content
Information Security

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

6
  • The "problem that i'm trying to solve" or the advantages of doing them was addressed at the end of the question. And I still don't understand how a stack of hashes like sha1(md5(bcrypt())) could be weaker than bcrypt! Please explain, if putting md5 ontop of bcrypt made it weaker then why on earth aren't hackers doing it themselves once they get the bcryt-ed passwords? Commented Apr 1, 2013 at 10:57
  • @GeorgePowell Your sha1(md5(bcrypt())) scheme makes no sense. What does it offer that bcrypt alone doesn't? If you're looking for more security in bcrypt, why not just increase the work factor, or switch to scrypt? Abusing other hash primitives, especially mainly-broken ones like MD5, for an undefined and minuscule benefit (which may actually be a detriment) isn't smart and can only provide you with more complexity. Commented Apr 1, 2013 at 11:06
  • 5
    The security issue isn't really a cryptographic one. You have to write lines of code to produce this implementation, and every line you write brings potential vulnerabilities. Even subtle things like how Unicode is handled on certain machines can be catastrophic from a security perspective. Keep it simple, keep the implementation clean of needless crud, and you'll be safer. Commented Apr 1, 2013 at 12:11
  • 2
    @GeorgePowell It doesn't help them. Imagine there exists a hash function that has an output space of one single byte. It is obviously trivial for an attacker to brute force our passwords if we use that at any point to compute digests (even if we later pass that to something like bcrypt). But the fact that this weak hash exists doesn't allow an attacker to use it against us, because we're not using it. Commented Apr 1, 2013 at 15:28
  • 1
    @GeorgePowell Additionally, the "problem" that you're trying to solve doesn't actually exist. It is purely imaginary. If it existed, professional cryptographers would be scrambling like mad to put out a permanent solution. Your apparent belief that 1) a practical problem exists, 2) there is no published solution, and 3) the "solution" is trivial comes along with the implicit assertion that professional cryptographers are stupid and/or lazy. Otherwise they'd already have come up with a fix, right? Commented Apr 1, 2013 at 15:34