Expected Behavior
To hash passwords and secret keys, a secure hashing algorithm (e.g., SHA256) should be used.
Current Behavior
The current Simple Hash-Based Token Approach uses an MD5 hash digest for hashing the password and secret key in Remember-Me Authentication.
Corresponding Javadoc link and source code link
Context
MD5 is already proven to be a weak hashing algorithm and vulnerable to collision attacks [1] and modular differential attacks [2]. Hence, I suggest using a secure hashing algorithm such as SHA-256 instead of the already broken MD5 for the remember-me token.
Comment From: rwinch
Thanks for creating this issue.
In modern applications, I'd recommend using Spring Session's Remember Me support which allows you to easily offload the session into a data store without the need for cryptography.
I do agree that MD5 is not a good choice. Would you like to provide a pull request that provides the option to use SHA-256?
Comment From: aswinmahendiran
Hello @islamazhar thanks for raising this issue.
Hello @rwinch I have raised the PR for the fix. I have updated the tests as well. Please check the PR (#8591).
This is my first PR in any Open Source project. Happy to start my journey in the security field I love the most!!
Comment From: aswinmahendiran
Hi @rwinch, it would be great if you can take a look at the PR. I am excited to add my first contribution.
Comment From: rwinch
@aswinmahendiran There is a duplicate PR, https://github.com/spring-projects/spring-security/pull/8580 (I have requested changes on it). Can you work with @islamazhar on which of you is sending a PR?
Comment From: sargas
@islamazhar @aswinmahendiran not sure if either of you are still interested in this issue, but I have a PR at #9392 that supports SHA256 tokens without changing the existing behavior and allows for a future change of the default algorithm. I tried to update relevant parts of the documentation and tests accordingly.
Comment From: rwinch
Given this is a breaking change, we should consider it for 6.0.x or close it.
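Added example (not part of the thread and not Spring Security's code): a sketch of a hash-based remember-me token that carries an algorithm tag, so SHA-256 tokens can be issued while already-issued MD5 tokens still validate until they expire. It assumes the documented `username:expiry:hash(username:expiry:password:key)` layout; the four-field tagged layout, the class and method names, and the rule that usernames contain no `:` are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

// Added illustration, not Spring Security source; class and method names are hypothetical.
public class RememberMeTokenSketch {
    // Hex digest over username:expiry:password:key using the named JCA algorithm.
    static String tokenHash(String alg, String user, long expiry, String password, String key)
            throws NoSuchAlgorithmException {
        String data = user + ":" + expiry + ":" + password + ":" + key;
        byte[] digest = MessageDigest.getInstance(alg).digest(data.getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder();
        for (byte b : digest) hex.append(String.format("%02x", b));
        return hex.toString();
    }

    // Cookie value base64(user:expiry:alg:hash); the algorithm field is an assumed layout.
    static String encode(String alg, String user, long expiry, String password, String key)
            throws NoSuchAlgorithmException {
        String raw = user + ":" + expiry + ":" + alg + ":" + tokenHash(alg, user, expiry, password, key);
        return Base64.getEncoder().encodeToString(raw.getBytes(StandardCharsets.UTF_8));
    }

    // Validates a cookie; an untagged three-field token is treated as legacy MD5.
    static boolean validate(String cookie, String password, String key, long now)
            throws NoSuchAlgorithmException {
        try {
            String[] p = new String(Base64.getDecoder().decode(cookie), StandardCharsets.UTF_8).split(":");
            if (p.length != 3 && p.length != 4) return false;
            String alg = p.length == 4 ? p[2] : "MD5";
            if (!alg.equals("MD5") && !alg.equals("SHA-256")) return false; // allowlist, never trust the tag
            long expiry = Long.parseLong(p[1]);
            if (expiry < now) return false; // expired token
            byte[] expected = tokenHash(alg, p[0], expiry, password, key).getBytes(StandardCharsets.UTF_8);
            byte[] presented = p[p.length - 1].getBytes(StandardCharsets.UTF_8);
            return MessageDigest.isEqual(expected, presented); // constant-time comparison
        } catch (IllegalArgumentException e) { // malformed base64 or non-numeric expiry
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        long now = System.currentTimeMillis(), expiry = now + 60_000; // constructed sample values
        String tagged = encode("SHA-256", "alice", expiry, "stored-pw", "app-key");
        String legacyRaw = "alice:" + expiry + ":" + tokenHash("MD5", "alice", expiry, "stored-pw", "app-key");
        String legacy = Base64.getEncoder().encodeToString(legacyRaw.getBytes(StandardCharsets.UTF_8));
        System.out.println("tagged SHA-256 valid: " + validate(tagged, "stored-pw", "app-key", now));
        System.out.println("legacy MD5 valid: " + validate(legacy, "stored-pw", "app-key", now));
        System.out.println("after password change: " + validate(tagged, "changed-pw", "app-key", now));
    }
}
```

Removing `MD5` from the allowlist once the longest-lived legacy cookie has expired completes the migration.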