Supersedes #725

_posts/10-02-01-Web-Application-Security.md

@@ -5,6 +5,25 @@ anchor:  web_application_security
 
 ## Web Application Security {#web_application_security_title}
 
+It is very important for every PHP developer to learn [the basics of web application security][4], which can be broken
+down into a handful of broad topics:
+
+1. Code-data separation.
+   * When data is executed as code, you get SQL Injection, Cross-Site Scripting, Local/Remote File Inclusion, etc.
+   * When code is printed as data, you get information leaks (source code disclosure or, in the case of C programs,
+     enough information to bypass [ASLR][5]).
+2. Application logic.
+   * Missing authentication or authorization controls.
+   * Input validation.
+3. Operating environment.
+   * PHP versions.
+   * Third party libraries.
+   * The operating system.
+4. Cryptography weaknesses.
+   * [Weak random numbers][6].
+   * [Chosen-ciphertext attacks][7].
+   * [Side-channel information leaks][8].
+
 There are bad people ready and willing to exploit your web application. It is important that you take necessary
 precautions to harden your web application's security. Luckily, the fine folks at
 [The Open Web Application Security Project][1] (OWASP) have compiled a comprehensive list of known security issues and
@@ -16,3 +35,9 @@ methods to protect yourself against them. This is a must read for the security-c
 [1]: https://www.owasp.org/
 [2]: https://www.owasp.org/index.php/Guide_Table_of_Contents
 [3]: https://phpsecurity.readthedocs.io/en/latest/index.html
+[4]: https://paragonie.com/blog/2015/08/gentle-introduction-application-security
+[5]: http://searchsecurity.techtarget.com/definition/address-space-layout-randomization-ASLR
+[6]: https://paragonie.com/blog/2016/01/on-design-and-implementation-stealth-backdoor-for-web-applications
+[7]: https://paragonie.com/blog/2015/05/using-encryption-and-authentication-correctly
+[8]: http://blog.ircmaxell.com/2014/11/its-all-about-time.html
+

_posts/10-03-01-Password-Hashing.md

@@ -8,16 +8,30 @@ anchor:  password_hashing
 Eventually everyone builds a PHP application that relies on user login. Usernames and passwords are stored in a
 database and later used to authenticate users upon login.
 
-It is important that you properly [_hash_][3] passwords before storing them. Password hashing is an irreversible,
+It is important that you properly [_hash_][3] passwords before storing them. Hashing and encrypting are [two very different things][7]
-one-way function performed against the user's password. This produces a fixed-length string that cannot be feasibly
+that often get confused.
-reversed. This means you can compare a hash against another to determine if they both came from the same source string,
+
-but you cannot determine the original string. If passwords are not hashed and your database is accessed by an
+Hashing is an irreversible, one-way function. This produces a fixed-length string that cannot be feasibly reversed.
-unauthorized third-party, all user accounts are now compromised.
+This means you can compare a hash against another to determine if they both came from the same source string, but you
+cannot determine the original string. If passwords are not hashed and your database is accessed by an unauthorized
+third-party, all user accounts are now compromised.
+
+Unlike hashing, encryption is reversible (provided you have the key). Encryption is useful in other areas, but is a poor
+strategy for securely storing passwords.
 
 Passwords should also be individually [_salted_][5] by adding a random string to each password before hashing. This prevents dictionary attacks and the use of "rainbow tables" (a reverse list of crytographic hashes for common passwords.)
 
 Hashing and salting are vital as often users use the same password for multiple services and password quality can be poor.
 
+Additionally, you should use [a specialized _password hashing_ algoithm][6] rather than fast, general-purpose
+cryptographic hash function (e.g. SHA256). The short list of acceptable password hashing algorithms (as of June 2018)
+to use are:
+
+* Argon2 (available in PHP 7.2 and newer)
+* Scrypt
+* **Bcrypt** (PHP provides this one for you; see below)
+* PBKDF2 with HMAC-SHA256 or HMAC-SHA512
+
 Fortunately, nowadays PHP makes this easy.
 
 **Hashing passwords with `password_hash`**
@@ -56,3 +70,6 @@ if (password_verify('bad-password', $passwordHash)) {
 [3]: https://wikipedia.org/wiki/Cryptographic_hash_function
 [4]: https://wiki.php.net/rfc/password_hash
 [5]: https://wikipedia.org/wiki/Salt_(cryptography)
+[6]: https://paragonie.com/blog/2016/02/how-safely-store-password-in-2016
+[7]: https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded
+