Does ASP.NET use SHA256 or SHA1?

I'm using the default identity stuff provided by ASP.NET 4.5 MVC and Entity Framework. I can create users with passwords and the hashed password shows up in the database. I'm trying to figure out if that hash is generated using the no-longer-trusted SHA1 algorithm or the SHA2 algorithm (be it SHA256, SHA512, etc).

Articles which seem to say it defaults to SHA256:

https://www.asp.net/whitepapers/aspnet4/breaking-changes#0.1__Toc256770148

http://kosmisch.net/Blog/DotNetEssential/Archive/2015/2/1/aspnet-membership-default-password-hash-algorithms-in-net-4x-and-previous-versions.html

Articles which seem to say it defaults to SHA1:

https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/consumer-apis/password-hashing

https://msdn.microsoft.com/en-us/library/system.security.cryptography.rfc2898derivebytes.aspx

When I follow the chain down, I end up inside the PasswordHasher.cs class -> HashPassword() -> Crypto.HashPassword() which I can see is using Rfc2898DeriveBytes which then has a bunch of stuff about HMACSHA1.

So are my passwords getting hashed by SHA256 or SHA1? Easy way to default to SHA256?

If it helps, here is a dummy password taken from my local environment: AIPfkvy5v59jmVZdPpU9QfUMoToCQ+Rp3dBT7m9RwMKZai5/61REkN/0InCtxKPUOQ==

Scott Decker asked Nov 16 '16 05:11


1 Answer

So it looks like the answer is neither exactly:

From the comments in the ASP.Net Identity Source Code

Version 0: PBKDF2 with HMAC-SHA1, 128-bit salt, 256-bit subkey, 1000 iterations.

(See also: SDL crypto guidelines v5.1, Part III)

Format: { 0x00, salt, subkey }

Ultimately the hashing algorithm is SHA1, but it is not a simple SHA1 hash of the password, or even a SHA1 + salt hash.

It is worth pointing out that SHA1 is considered "broken" for digital signatures due to a mathematical attack, reducing the computational effort of generating a collision to just-about feasible levels.

This does not apply to hashed passwords.

Links for further reading.

Is SHA-1 secure for password storage?

https://www.schneier.com/blog/archives/2005/02/sha1_broken.html

https://en.wikipedia.org/wiki/PBKDF2

https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet

Rfc2898DeriveBytes and HMACSHA1

ste-fu answered Sep 20 '22 13:09
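Worked example, added here and not taken from the question, the answer or the Identity source: a Python re-implementation of the Version 0 layout the answer quotes ({ 0x00, salt, subkey }, PBKDF2 with HMAC-SHA1, 1000 iterations), so the hash pasted in the question can be decoded into its parts and a fresh hash can be produced and verified. It assumes the password is UTF-8 encoded, which is what Rfc2898DeriveBytes does with a string password.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Parameters of the "Version 0" format quoted in the answer.
VERSION_BYTE = 0x00
SALT_LEN = 16      # 128-bit salt
SUBKEY_LEN = 32    # 256-bit subkey
ITERATIONS = 1000
PRF = "sha1"       # PBKDF2 keyed with HMAC-SHA1

# The dummy hash the question pasted from its local database.
QUESTION_HASH = "AIPfkvy5v59jmVZdPpU9QfUMoToCQ+Rp3dBT7m9RwMKZai5/61REkN/0InCtxKPUOQ=="


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a base64 string in the { 0x00, salt, subkey } layout."""
    if salt is None:
        salt = os.urandom(SALT_LEN)          # fresh random salt per password
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be %d bytes" % SALT_LEN)
    subkey = hashlib.pbkdf2_hmac(PRF, password.encode("utf-8"), salt, ITERATIONS, SUBKEY_LEN)
    return base64.b64encode(bytes([VERSION_BYTE]) + salt + subkey).decode("ascii")


def parse_hash(stored: str) -> Tuple[int, bytes, bytes]:
    """Split a stored hash into (version byte, salt, subkey); reject other layouts."""
    raw = base64.b64decode(stored, validate=True)
    if len(raw) != 1 + SALT_LEN + SUBKEY_LEN:
        raise ValueError("unexpected decoded length %d" % len(raw))
    return raw[0], raw[1:1 + SALT_LEN], raw[1 + SALT_LEN:]


def verify_password(stored: str, password: str) -> bool:
    """Recompute the subkey from the stored salt and compare in constant time."""
    version, salt, expected = parse_hash(stored)
    if version != VERSION_BYTE:
        return False                          # unknown format version
    actual = hashlib.pbkdf2_hmac(PRF, password.encode("utf-8"), salt, ITERATIONS, SUBKEY_LEN)
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    version, salt, subkey = parse_hash(QUESTION_HASH)
    print("version=%d salt=%d bytes subkey=%d bytes" % (version, len(salt), len(subkey)))
    stored = hash_password("constructed-example-password")
    print("verify:", verify_password(stored, "constructed-example-password"))
```

Decoding the question's string gives a leading 0x00 followed by 16 salt bytes and 32 subkey bytes, which is exactly the Version 0 layout; the password behind it is unknown, so only the constructed hash is verified end to end.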