Upgrade to Pro — share decks privately, control downloads, hide ads and more …

パスワードの保存方法について Kanazawa.rb meetup #4

パスワードの保存方法について Kanazawa.rb meetup #4

Kanazawa.rb meetup #4
2012/11/29 金沢市文化ホール第5 会議室

Hitoshi Kurokawa

November 29, 2012
Tweet

More Decks by Hitoshi Kurokawa

Other Decks in Programming

Transcript

  1. ύεϫʔυͷอଘํ๏ʹ͍ͭͯ K a n a z w a . r

    b m e e t u p # 4 2 0 1 2 / 1 1 / 2 9 a t ۚ ୔ ࢢ จ Խ ϗ ʔ ϧ ୈ 5 ձ ٞ ࣨ ࠇ ઒ ɹ ਔ ( @ k r h i t o s h i )
  2. iOSΞϓϦ։ൃ ॕ೔ΧϨϯμʔ iPhone 170ԁ ໿360DL (2012೥9݄) ້૝(࠲ષ)λΠϚʔ iPhone/iPad (ӳޠରԠ) ແྉ

    ໿5,000DL (2012೥9݄) iPad App ϔϧεέΞ/ϑΟοτωε ࠷ߴ18Ґ(೔ຊ) ࠷ߴ122Ґ(ΞϝϦΧ) iศॴ δϣʔΫΞϓϦ Trychestͱڞಉ։ൃ ໿3ສ5,000DL (2011೥8݄) iPhone App ϥΠϑελΠϧ ࠷ߴ9Ґ
  3. ؙݟ͑ password = “mypassword” if password == input_password puts “Authentication

    succeeded” else puts “Authentication failed” end ؅ཧऀɺ಺෦ͷਓ͕͙͢ʹͰ΋ѱ༻Ͱ͖ͯ͠·͏ ΋ͪΖΜɺΫϥοΫ͞Εͨ৔߹΋
  4. MD5 % md5 -s XkzDusMQ4Q98 MD5 ("XkzDusMQ4Q98") = 313706cbd44dd9e9ff906a8f95b124d1 SHA256

    % echo XkzDusMQ4Q98 | shasum -a 256 5fb39c611f7ec4297eaf63b70354577f8e862761c7bb497b7ef5d74229cf8af0 - ϋογϡؔ਺Λ࢖ͬͯΈΔ 32 จࣈ 64 จࣈ
  5. େ͖͍ϑΝΠϧʹ΋ϋογϡؔ ਺Λ࢖͏༻్͕͋Δ http://ftp.riken.jp/Linux/centos/6.3/isos/x86_64/ a991defc0a602d04f064c43290df0131 CentOS-6.3-x86_64-bin-DVD1.iso 410c1c5188e6076d62d6107153738a15 CentOS-6.3-x86_64-bin-DVD2.iso 087713752fa88c03a5e8471c661ad1a2 CentOS-6.3-x86_64-minimal.iso 690138908de516b6e5d7d180d085c3f3

    CentOS-6.3-x86_64-netinstall.iso 9953ff1cc2ef31da89a0e1f993ee6335 CentOS-6.3-x86_64-LiveCD.iso 0d28b5f9c9f562bd3a17c68ef05b3998 CentOS-6.3-x86_64-LiveDVD.iso 21157a19ec6a32b4fd71f0e45b9aa951 CentOS-6.3-x86_64-bin-DVD1to2.torrent 9015d02b4e22efd547a6bd8b19bce0ec CentOS-6.3-x86_64-LiveCD.torrent 3b9c1c463cfe8983c0835f46f2db39db CentOS-6.3-x86_64-LiveDVD.torrent 4dd1ff9a521823e033dde6b152196de7 CentOS-6.3-x86_64-minimal-EFI.iso c750ba06d83a38494dbf100bf33014d4 CentOS-6.3-x86_64-netinstall-EFI.iso
  6. UNIXͷϢʔβೝূ DES based extended DES based MD5 based SHA-2 based

    (SHA256, SHA512) bcrypt (Blowfish cipher based) ηΩϡϦςΟ ڧ ऑ CentOS 5ܥ·Ͱ࢖༻͞Ε͍ͯΔ CentOS 6ܥ͔Β࠾༻ OpenBSD, SUSE LinuxͰ࠾༻
  7. bcrypt $2a$ SHA256 based $5$ SHA512 based $6$ MD5 SHA256

    SHA512 MD5 based (MD5crypt) scrypt PBKDF2