Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What's the difference between bcrypt and hashing multiple times?

How is bcrypt stronger than, say,

def md5lots(password, salt, rounds):
    if (rounds < 1)
        return password
    else
        newpass = md5(password + salt)
        return md5lots(newpass, salt, rounds-1)

I get the feeling, given its hype, that more intelligent people than me have figured out that bcrypt is better than this. Could someone explain the difference in 'smart layman' terms?

like image 566
Luke has no name Avatar asked Aug 16 '11 00:08

Luke has no name


People also ask

Why is bcrypt hash different every time?

A BCrypt hash includes salt and as a result this algorithm returns different hashes for the same input.

Is bcrypt a one way hash?

Bcrypt uses adaptive hash algorithm to store password which is a one-way hash of the password. BCrypt internally generates a random salt while encoding passwords and store that salt along with the encrypted password. Hence it is obvious to get different encoded results for the same string.

Is bcrypt more secure than sha256?

The technology in the Bcrypt algorithm and process limits attacks and makes it harder for attackers to compromise passwords. Bcrypt was not designed for encrypting large amounts of data. It is best implemented for passwords, however SHA-256 is better for large amounts of data because it is less costly and faster.

Which is the advantages of bcrypt?

The largest benefit of bcrypt is that, over time, the iteration count can be increased to make it slower allowing bcrypt to scale with computing power. We can dimish any benefits attackers may get from faster hardware by increasing the number of iterations to make bcrypt slower.


1 Answers

The principal difference - MD5 and other hash functions designed to verify data have been designed to be fast, and bcrypt() has been designed to be slow.

When you are verifying data, you want the speed, because you want to verify the data as fast as possible.

When you are trying to protect credentials, the speed works against you. An attacker with a copy of a password hash will be able to execute many more brute force attacks because MD5 and SHA1, etc, are cheap to execute.

bcrypt in contrast is deliberately expensive. This matters little when there are one or two tries to authenticate by the genuine user, but is much more costly to brute-force.

like image 184
Adrian Avatar answered Nov 04 '22 16:11

Adrian