Bcrypt Security

I know this is a “preset” topic, Bcrypt; however, I have a few problems regarding its security.

I used sha512($password.$salt) and then searched for the best solution and came across Bcrypt.

From what I read about it, the number of rounds ( $02$ ) and the salt are stored inside the hash in 3 separate “blocks”, for example, $rounds$.$salt.$hash (or at least that is how I have interpreted it).

My question is: is it unsafe? It displays the number of rounds and the salt used. Because an attacker can just go “ok, I need 2 rounds, salt 123salt and what hash”, right?

I understand from reading this that it is not “all” about security but about how long it takes to crack a password, and that the advantage of Bcrypt is that it is slow.

Can someone clarify my misinterpretations / misunderstandings?

Thanks.

+6
2 answers

bcrypt is security through insurmountable complexity, not security through obscurity.

The point of salt is to prevent an attacker from reusing calculations for multiple users.
There is nothing wrong with giving this to an attacker.

Similarly, even if an attacker knows how many rounds you use, it will not be that much time (if you use a fairly decent number of rounds).
The point of using many rounds is not that the attacker will not know how many rounds to use; it's that every round makes the attack take longer.

+11

The salt is stored with a hash because a different salt is used for each hash, unlike your previous approach with sha512, where you used one salt for each hash.

Using this method, one rainbow table will be useful for only one password, whereas if the same salt was used for each hash, one rainbow table would be good for all hashes.

The work factor (as you call it: "rounds") must also be preserved so that the hash can be correctly verified. Yes, you could rule it out, but in fact there was no harm.


bcrypt was developed as an intensive algorithm. It is very expensive to compute a single hash and it is not possible to create lookup tables for hashes with high work factors.

The work factor is designed to be changed as technology advances, so it will always be difficult to crack bcrypt hashing. But you can only update the hash when checking the password.

You can get a system in which different hashes have different work factor values, depending on which ones have been updated and which have not.

+4
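
What the two answers describe, as an added PHP example that is not part of the original thread: it splits a bcrypt string into its public cost and salt fields, shows that two users with the same password get different salts and hashes, and upgrades an older work factor at login. It uses PHP's built-in `password_hash`, `password_verify` and `password_needs_rehash`; the costs 10 and 12, the user names, the password and the helper names `bcrypt_fields` and `login` are assumptions made for illustration.

```php
<?php
// Added example: user names, password and the in-memory "database" are constructed.
const TARGET_COST = 12; // assumed current policy; raise it as hardware gets faster

// Split a bcrypt string into the public fields the question asks about.
function bcrypt_fields(string $hash): array {
    if (!preg_match('~^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$~', $hash, $m)) {
        throw new InvalidArgumentException('not a bcrypt hash');
    }
    return ['version' => $m[1], 'cost' => (int)$m[2], 'salt' => $m[3], 'digest' => $m[4]];
}

// Verify a login; if the stored hash uses an older cost, re-hash while the
// plaintext is available. Returns [ok, possibly updated hash].
function login(string $password, string $stored): array {
    if (!password_verify($password, $stored)) {
        return [false, $stored];
    }
    if (password_needs_rehash($stored, PASSWORD_BCRYPT, ['cost' => TARGET_COST])) {
        $stored = password_hash($password, PASSWORD_BCRYPT, ['cost' => TARGET_COST]);
    }
    return [true, $stored];
}

// Two users with the same password, stored under an older cost of 10.
$db = [
    'alice' => password_hash('correct horse', PASSWORD_BCRYPT, ['cost' => 10]),
    'bob'   => password_hash('correct horse', PASSWORD_BCRYPT, ['cost' => 10]),
];
foreach ($db as $user => $hash) {
    $f = bcrypt_fields($hash);
    echo "$user cost={$f['cost']} salt={$f['salt']}\n"; // each user has a random salt
}
// Same password, different salts, so the stored hashes are not equal.
echo "hashes equal: " . var_export($db['alice'] === $db['bob'], true) . "\n";

// Alice logs in: her hash is verified under cost 10, then re-hashed under TARGET_COST.
[$ok, $db['alice']] = login('correct horse', $db['alice']);
echo "alice ok=" . var_export($ok, true) . " cost=" . bcrypt_fields($db['alice'])['cost'] . "\n";

// Bob has not logged in yet, so his hash keeps the old cost.
echo "bob cost=" . bcrypt_fields($db['bob'])['cost'] . "\n";

// A wrong guess fails and leaves the stored hash untouched.
[$ok] = login('wrong guess', $db['bob']);
echo "wrong guess ok=" . var_export($ok, true) . "\n";
```

Because verification reads the cost and salt from the stored string itself, hashes with different work factors can sit side by side in the same column.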

Source: https://habr.com/ru/post/921959/
