36 \ December 2018 \ http://www.phparch.com
Adventures in Hashing
Security Corner
Conclusions
Hashing is a concept every developer will stumble across at some point in their career. While the algorithms involved require a lot of math education to understand fully, when and where and why to use them is knowledge everyone should acquire. Hashing helps provide safe, normalized keys for CDNs, indexes, or caches. It also provides security for passwords and other sensitive information we must store in a secure, non-reversible fashion for future reference and comparison.

Learning why and when to hash is straightforward. Any senior developer can point you in the right direction. Learning how to use PHP’s native hash functions is similar. Just reference the PHP documentation^11 or similar guides for the newer libsodium support.

11 the PHP documentation: http://php.net/book.hash

Learning how to implement a hash function is beyond the scope of what developers will typically have to do. That being said, it’s usually a good use of your time to have a functional understanding of what’s happening under the hood. Set 7^12 of the aforementioned Cryptopals challenges walks through some of the less secure hashing algorithms available. You can use this to better understand what hashing does, but remember to use native implementations in PHP in production.

12 Set 7: https://cryptopals.com/sets/7
Eric is a seasoned web developer experienced with multiple
languages and platforms. He’s been working with PHP for
more than a decade and focuses his time on helping developers
get started and learn new skills with their tech of choice. Eric
works as a Tekton for Tozny, a privacy and security-focused
startup in the Portland area. You can reach out to him directly
via Twitter: @EricMann
Related Reading
- Keep Your Passwords Hashed and Salted by Leszek Krupiński. September 2015. https://www.phparch.com/magazine/2015-2/september/
- PHP, meet Libsodium by Eric Mann. December 2017. https://www.phparch.com/magazine/2017-2/december/
- Cryptography Best Practices in PHP by Enrico Zimuel. May 2017. https://www.phparch.com/magazine/2017-2/may/