I have a field (regular field, not a password) that is being stored in the database twice: as a hash (SHA512) and as an encrypted value. Changing this setup would require many changes which I don’t want to get myself into. My question: in the case that the database is broken into, does the fact that the field is being stored twice, as a hash and encrypted, weaken its security? Why?
Some people have said yes because now they have 2 ways to possibly crack it. Duh, I know that. What I’m asking about is whether one can be used to make cracking the other easier? Can the very fact that the field has 2 variations somehow make it easier for the attacker to use one to make cracking the other easier?
Look at it this way: if the attacker is given only variant A, it would take them a day. If given only variant B, it would take them 3 days. If the attacker runs both cracks independently, they would crack variant A faster (it takes only a day). But if the attacker is given both, they can crack one in just 6 hours. This is what I’m asking.
Assuming that the hash and encryption method are cryptographically strong, then the attack would be brute force. So the cost would be to run the weaker of the two: hash or encryption. If the hash is computed with a large number of iterations (e.g., with PBKDF2) and the encryption is a simple application of a password run through a single iteration of a hash function to get the key data, then the encrypted value would actually be the weak point in terms of CPU cost. In that situation, the answer would be that storing both does not really weaken it, but rather that the encrypted value weakens it.
Edit to specifically address the updated question. From a mathematical standpoint, I suspect it would be very difficult to prove that an attacker cannot somehow use both pieces of data to reduce the attack time. Some of the attacks that have been devised against hashing and encryption are extremely sophisticated, so it seems in the realm of possibility that it could be done. And I do know for sure it is possible to reduce the attack time in some situations. A very specific example:
Suppose the attacker can somehow learn the length of the password from the encrypted version. That would vastly decrease the time of brute-forcing the hash version.
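An added illustration of the two points in the answer above (not code from the original post): a work-factor model showing how much an observed ciphertext length narrows the candidate set for the hash, and which stored form is cheaper to attack. The alphabet size, maximum length and iteration counts are constructed assumptions, as is the premise, taken from the answer's scenario, that the encryption key is derived from the field value itself.

```python
BLOCK = 16  # AES block size in bytes


def plaintext_lengths(ct_len, mode, max_len):
    """Plaintext byte lengths consistent with a ciphertext of ct_len bytes
    (IV/nonce and authentication tag excluded)."""
    if mode == "stream":        # CTR, GCM, ChaCha20: length preserved exactly
        lengths = [ct_len]
    elif mode == "cbc-pkcs7":   # PKCS#7 always appends 1..BLOCK padding bytes
        if ct_len == 0 or ct_len % BLOCK:
            raise ValueError("ciphertext is not a whole number of blocks")
        lengths = range(ct_len - BLOCK, ct_len)
    elif mode == "none":        # only the hash is available: no length hint
        lengths = range(1, max_len + 1)
    else:
        raise ValueError(f"unknown mode: {mode}")
    return [n for n in lengths if 1 <= n <= max_len]


def guesses(alphabet, lengths):
    """Worst-case candidate count over the given lengths."""
    return sum(alphabet ** n for n in lengths)


def cheapest_path(n_guesses, hash_iters, kdf_iters):
    """Work in hash invocations for each stored form; the attacker pays the
    smaller. Assumes the encryption key is derived from the value itself."""
    costs = {"hash": n_guesses * hash_iters, "encrypted": n_guesses * kdf_iters}
    name = min(costs, key=costs.get)
    return name, costs[name]


if __name__ == "__main__":
    ALPHABET, MAX_LEN = 10, 8   # constructed: numeric field, at most 8 digits
    for mode, ct_len in (("none", 0), ("cbc-pkcs7", 16), ("stream", 4)):
        n = guesses(ALPHABET, plaintext_lengths(ct_len, mode, MAX_LEN))
        print(f"{mode:10} ct_len={ct_len:2} candidates={n:,}")
    # Iterated hash (100,000 rounds) next to a single-hash key derivation.
    print(cheapest_path(guesses(ALPHABET, range(1, MAX_LEN + 1)), 100_000, 1))
```

Padding every value to one fixed length before encryption makes all ciphertexts the same size, so the `stream` and `cbc-pkcs7` rows collapse to the `none` row.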