The phpass homepage reads:
ProposalA cut-down and reworked version of phpass (supporting the portable hashes only and requiring PHP 5+) has been integrated into development versions of Drupal leading to the upcoming Drupal 7 release (CVS commit 1, commit 2) after a lengthy discussion and many proposed patches against various development versions of Drupal. There's a notion of upgraded hashes - these are phpass portable hashes of md5() hashes (which were used by older versions of Drupal), with the final hash encodings prefixed with a "U" (for "upgraded"). A more recent lengthy discussion has resulted in Drupal 7 (still not released) switching from MD5 to SHA-512 for the underlying cryptographic primitive in phpass' "portable" hashes (making them less portable) while preserving "read-only" support for the MD5-based portable hashes. This change was made purely for "political" reasons. Drupal 7's SHA-512 based phpass-like hash encoding strings use "$S$" as the hash type identifier.
I would like to suggest improving the current hashing in a fully backwards-compatible way.
Instead of using MD5, I suggest using SHA-512, like the drupal folks. The hash function is part of PHP since 5.1.2. Take a look at their implementation.
I also really like the way they use hash type identifiers to mark outdated hashes. Instead of maintaining a user_pass_convert field for outdated hashes I'd suggest to use the same format they do. Here's the types of identifiers that would be needed:
- $P$ and $H$ - standard phpass
- $S$ - sha512 phpass, same as drupal 7, I'll call it phpass2
- $U$ - phpass2(md5(password)), used by drupal 7, not needed for phpBB because there is no upgrade path from 2.0 => 3.1
- $V$ - phpass(md5(password)), the same as user_pass_convert = 1
- $W$ - phpass2(phpass(password)), upgrade path from 3.0 => 3.1
- $X$ - phpass2(phpass(md5(password)), upgrade path from 3.0 => 3.1, but with user_pass_convert = 1
Since all of this is encapsulated within phpbb_hash and phpbb_check_hash it should be pretty easy to implement. In addition to those two files, upgrade and login scripts will need to be adjusted too. The upgrade script needs to update the phpBB 3.0 hashes for 3.1 and the login script needs to check for these "upgraded" hashes replace them with a brand new full hash.
[1] http://en.wikipedia.org/wiki/MD5#Collis ... rabilities