Asp.net Identity password hashing

The new ASP.net Identity project has brought some useful code and interfaces for website security. To implement a custom system using the interfaces (instead of using the standard Entity Framework implementation included in the MVC 5 template) an IPasswordHasher is required.

IPasswordHasher interface in ASP.net Identity

namespace Microsoft.AspNet.Identity
{
    public interface IPasswordHasher
    {
         string HashPassword(string password);
         PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword);
    }
}

Is it possible to use password salting for more secure encryption in ASP.net Identity and via this interface?

Solution 1:

HEALTH WARNING for the below answer: Know which version of ASP.Net Identity you are using. You should refer to the source code directly if it is one of the newer versions from the github repository.

As I write this, the current version (3.0.0-rc1/.../PasswordHasher.cs) of the password handler is significantly different to the below answer. This newer version supports multiple hash algorithm versions and is documented as (and may change further by the time you read this):

Version 2:

• PBKDF2 with HMAC-SHA1, 128-bit salt, 256-bit subkey, 1000 iterations.
• (See also: SDL crypto guidelines v5.1, Part III)
• Format: { 0x00, salt, subkey }

Version 3:

• PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations.
• Format: { 0x01, prf (UInt32), iter count (UInt32), salt length (UInt32), salt, subkey }
• (All UInt32s are stored big-endian.)

The original answer is still valid for the original version of ASP.Net Identity, and is as follows:

@jd4u is correct, but to shed a little more light which wouldn't fit into a comment for his answer:

• Microsoft.AspNet.Identity.PasswordHasher : IPasswordHasher already salts for you,
  • more importantly it uses Rfc2898DeriveBytes to generate the salt and the hash,
  • which uses industry standard PBKDF2 (SE discussion here, OWASP recommendation for PBKDF2 here).
• The default Microsoft.AspNet.Identity.UserManager<TUser> implementation uses Microsoft.AspNet.Identity.PasswordHasher as a concrete IPasswordHasher
• PasswordHasher in turn is a really simple wrapper for (ultimately)System.Security.Cryptography.Rfc2898DeriveBytes

So, if you are going to use Rfc2898DeriveBytes, just use PasswordHasher - all the heavy lifting is already done (hopefully correctly) for you.

Details

The full code that PasswordHasher (currently) ultimately uses does something very close to:

int saltSize = 16;
int bytesRequired = 32;
byte[] array = new byte[1 + saltSize + bytesRequired];
int iterations = SOME; // 1000, afaik, which is the min recommended for Rfc2898DeriveBytes
using (var pbkdf2 = new Rfc2898DeriveBytes(password, saltSize, iterations))
{
    byte[] salt = pbkdf2.Salt;        
    Buffer.BlockCopy(salt, 0, array, 1, saltSize);
    byte[] bytes = pbkdf2.GetBytes(bytesRequired);
    Buffer.BlockCopy(bytes, 0, array, saltSize+1, bytesRequired);
}
return Convert.ToBase64String(array);

Solution 2:

"Is it possible to use password salting for more secure encryption in ASP.net Identity and via this interface?"

Yes, the interface is provided for the new implementation of PasswordHasher already present in Core framework.

Also note that the default implementation is already using Salt+Bytes.

After creating custom PasswordHasher (say MyPasswordHasher), you can assign it to UserManager instance like userManager.PasswordHasher=new MyPasswordHasher()

See one example of such IPasswordHasher

To implement a custom system using the interfaces (instead of using the standard Entity Framework implementation included in the MVC 5 template) an IPasswordHasher is required.

For implementing alternate system from EF, - You shall implement all Core interfaces. - IPasswordHasher implementation is not required. PasswordHasher is already provided in Core framework as it's implementation.

Solution 3:

I ran into an issue while updating from Membership to AspNet.Identity. The Rfc2898 hashes are different from those used before. That's for good reason, but changing the hashes would require all users to reset their passwords. As a solution this custom implementation makes it backwards compatible:

public class MyPasswordHasher : PasswordHasher {

   public FormsAuthPasswordFormat FormsAuthPasswordFormat { get; set; }

   public MyPasswordHasher(FormsAuthPasswordFormat format) {
      FormsAuthPasswordFormat = format;
   }

   public override string HashPassword(string password) {
      return FormsAuthentication.HashPasswordForStoringInConfigFile(password, FormsAuthPasswordFormat.ToString());
   }

   public override PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword) {
     var testHash = FormsAuthentication.HashPasswordForStoringInConfigFile(providedPassword, FormsAuthPasswordFormat.ToString());
     return hashedPassword.Equals(testHash) ? PasswordVerificationResult.Success : PasswordVerificationResult.Failed;
   }
}

Once you create your UserManager instance just set the hasher:

Usermanager.PasswordHasher = new MyPasswordHasher(FormsAuthPasswordFormat.SHA1);

The code complains that the HashPasswordForStoringInConfigFile method is deprecated, but that's fine as we know that the whole exercise is to get rid of the old technology.