Bcrypt: Difference between revisions

From Thought dump
Created page with "<blockquote>From Wikipedia: https://en.wikipedia.org/w/index.php?title=Bcrypt&oldid=1232137191#Description</blockquote>The input to the bcrypt function is the password string (up to 72 bytes), a numeric cost, and a 16-byte (128-bit) salt value. The salt is typically a random value. The bcrypt function uses these inputs to compute a 24-byte (192-bit) hash. The final output of the bcrypt function is a string of the form: $2<a/b/x/y>$[cost]$[22 character salt]..."
 
No edit summary
 
(One intermediate revision by the same user not shown)
Line 12: Line 12:
* <code>PST9/PgBkqquzi.Ss7KIUgO2t0jWMUW</code>: A base-64 encoding of the first 23 bytes of the computed 24 byte hash
* <code>PST9/PgBkqquzi.Ss7KIUgO2t0jWMUW</code>: A base-64 encoding of the first 23 bytes of the computed 24 byte hash


The base-64 encoding in bcrypt uses the table <code>./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789</code>,<ref name="bcrypt.c_lines_57-58">{{Cite web|last=Provos|first=Niels|date=13 February 1997|title=bcrypt.c source code, lines 57-58|url=https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/bcrypt.c?rev=1.1&content-type=text/x-cvsweb-markup|access-date=29 January 2022}}</ref> which differs from RFC&nbsp;4648 encoding.
The base-64 encoding in bcrypt uses the table <code>./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789</code>, which differs from RFC&nbsp;4648 encoding.
 
{{Page lang|en}}
 
[[Category:Notes]]
[[Category:Notes]]
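Review bot: the rewritten base-64 sentence in this hunk drops the <ref name="bcrypt.c_lines_57-58"> citation, so the claim about the encoding table no longer points at bcrypt.c lines 57-58 as its source. If the Cite web markup was the reason for removing it, keep the cvsweb.openbsd.org URL from the old line as a plain external link after the sentence so a reader can still check the table against the source. The added {{Page lang|en}} line is unrelated to that wording change, and the "No edit summary" field leaves both changes unexplained.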

Latest revision as of 01:16, 30 August 2024

From Wikipedia: https://en.wikipedia.org/w/index.php?title=Bcrypt&oldid=1232137191#Description

The input to the bcrypt function is the password string (up to 72 bytes), a numeric cost, and a 16-byte (128-bit) salt value. The salt is typically a random value. The bcrypt function uses these inputs to compute a 24-byte (192-bit) hash. The final output of the bcrypt function is a string of the form:

$2<a/b/x/y>$[cost]$[22 character salt][31 character hash]

For example, with input password abc123xyz, cost 12, and a random salt, the output of bcrypt is the string

$2a$12$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUgO2t0jWMUW
\__/\/ \____________________/\_____________________________/
Alg Cost      Salt                        Hash

Where:

  • $2a$: The hash algorithm identifier (bcrypt)
  • 12: Input cost (2^12, i.e. 4096 rounds)
  • R9h/cIPz0gi.URNNX3kh2O: A base-64 encoding of the input salt
  • PST9/PgBkqquzi.Ss7KIUgO2t0jWMUW: A base-64 encoding of the first 23 bytes of the computed 24 byte hash

The base-64 encoding in bcrypt uses the table ./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789, which differs from RFC 4648 encoding.
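
The string layout and encoding table described above, as an added example (not part of the original note or of any bcrypt implementation): a Python parser that splits a bcrypt string into its fields and decodes the salt and hash using bcrypt's base-64 table. The function names are this example's own, and the cost bounds of 4 to 31 are an assumption not stated on this page.

```python
import base64
import re

# bcrypt's table (from the text above) and the RFC 4648 table, index for index.
BCRYPT_ALPHABET = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
RFC4648_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
_TO_RFC4648 = str.maketrans(BCRYPT_ALPHABET, RFC4648_ALPHABET)

# $2<a/b/x/y>$[cost]$[22 character salt][31 character hash]
_FORMAT = re.compile(r"\$(2[abxy])\$(\d\d)\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})")


def bcrypt_b64decode(text: str) -> bytes:
    """Decode bcrypt's unpadded base-64 by translating it to RFC 4648 first."""
    translated = text.translate(_TO_RFC4648)
    translated += "=" * (-len(translated) % 4)  # bcrypt omits '=' padding
    return base64.b64decode(translated)


def parse_bcrypt(hash_string: str) -> dict:
    """Split a bcrypt string into its fields; raise ValueError if malformed."""
    match = _FORMAT.fullmatch(hash_string)
    if match is None:
        raise ValueError("not a bcrypt hash string")
    version, cost_text, salt_text, hash_text = match.groups()
    cost = int(cost_text)
    if not 4 <= cost <= 31:  # assumption: commonly enforced bounds, not from the page
        raise ValueError(f"cost {cost} out of range")
    return {
        "version": version,
        "cost": cost,
        "rounds": 2 ** cost,
        "salt": bcrypt_b64decode(salt_text),  # 22 characters -> 16 bytes
        "hash": bcrypt_b64decode(hash_text),  # 31 characters -> 23 bytes
    }


if __name__ == "__main__":
    # Example string from the text above.
    fields = parse_bcrypt("$2a$12$R9h/cIPz0gi.URNNX3kh2OPST9/PgBkqquzi.Ss7KIUgO2t0jWMUW")
    print(fields["version"], fields["cost"], fields["rounds"])
    print("salt:", fields["salt"].hex())
    print("hash:", fields["hash"].hex())
```

Feeding the salt or hash field to a stock RFC 4648 decoder without the translation step yields different bytes or an error, which is why the table matters when inspecting stored hashes.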