27/05/2015 - bcrypt

by Melancholy

Melancholy (Admin)
05-26-2015, 10:38 AM (This post was last modified: 05-26-2015, 11:44 AM by Melancholy.)
#6970
You might have noticed that you had to log in to Lewd again; that is because I have changed the password hashing algorithm to the "more secure" bcrypt algorithm.

Logging in will convert your hash from the default algorithm to bcrypt.

Bcrypt is a lot slower than md5, thus making it a lot harder to bruteforce if our database ever happens to end up in the wrong hands.

If you find anything wrong with the system, please let me know.

Akame (Member)
05-26-2015, 11:51 AM
#6972
Thanks senpai! ~

Oho.
Yagmi
05-26-2015, 01:09 PM
#6975
Why not just use MD5.salt?

Because it calculates fast as fuck compared to Bcrypt; modern systems can check 330MB of MD5 hashes every second.
Meanwhile our boss Bcrypt is fat as fuck, slow as fuck.

Let's look at the two methods and how fast they generate hashes.

MD5 ~ 0.008s
BCrypt ~ 0.012s // That's 1.5 times slower than MD5, which is good.

This was calculated with a work factor of 9, which can be edited based on your server performance, so it can be even slower if you so decide.

Why is slow good, you might ask?
It means that when a cracker who has obtained the hashes wants to crack your passwords, they are basically going to try to recreate the hash with as many different inputs/passwords as possible (either brute force/mask or a dictionary attack).
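
Here is an added example, my own code rather than anything from this thread or the Lewd site, of the two things discussed above: converting a legacy MD5+salt hash to a slow hash on the next successful login (Melancholy's "logging in will convert your hash"), and the cost/work-factor knob Yagmi describes. bcrypt is not in the Python standard library, so this uses hashlib.pbkdf2_hmac with 2**cost iterations as a stand-in; with the bcrypt package you would replace slow_hash/verify_slow with bcrypt.hashpw/bcrypt.checkpw and bcrypt.gensalt(rounds=cost). The md5(salt + password) layout of the old table, the usernames and the sample passwords are all constructed for the example.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# Stand-in for bcrypt (assumption): PBKDF2-HMAC-SHA256 with 2**cost iterations.
# bcrypt's cost parameter is also a power of two (2**cost rounds); with the bcrypt
# package this would be bcrypt.hashpw(pw, bcrypt.gensalt(rounds=cost)).
ALGO_SLOW = "pbkdf2"
ALGO_LEGACY = "md5"
DEFAULT_COST = 14


def legacy_md5_salt(password: str, salt: str) -> str:
    """Assumed old scheme for the existing table: md5(salt + password), hex."""
    return hashlib.md5((salt + password).encode("utf-8")).hexdigest()


def slow_hash(password: str, cost: int = DEFAULT_COST, salt: Optional[bytes] = None) -> str:
    """Self-describing string: $pbkdf2$<cost>$<salt hex>$<digest hex>.
    Storing the cost with the hash lets you raise it later for new logins."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 2 ** cost)
    return f"${ALGO_SLOW}${cost}${salt.hex()}${dk.hex()}"


def verify_slow(password: str, stored: str) -> bool:
    """Recompute with the stored cost and salt; constant-time compare."""
    _, algo, cost, salt_hex, _digest = stored.split("$")
    if algo != ALGO_SLOW:
        return False
    candidate = slow_hash(password, int(cost), bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, stored)


def login(users: dict, username: str, password: str, cost: int = DEFAULT_COST) -> bool:
    """Check the password; on success against a legacy record, rehash it to the slow algorithm."""
    rec = users.get(username)
    if rec is None:
        # Burn the same time as a real check so unknown usernames don't stand out by timing.
        slow_hash(password, cost)
        return False
    if rec["algo"] == ALGO_LEGACY:
        ok = hmac.compare_digest(legacy_md5_salt(password, rec["salt"]), rec["hash"])
        if ok:
            # The plaintext is only available at login, so this is the moment to migrate.
            rec.update(algo=ALGO_SLOW, hash=slow_hash(password, cost), salt=None)
        return ok
    return verify_slow(password, rec["hash"])


def time_hash(cost: int, password: str = "correct horse") -> float:
    """Seconds for one hash at this cost; each +1 roughly doubles it. Use this to pick a cost."""
    t0 = time.perf_counter()
    slow_hash(password, cost)
    return time.perf_counter() - t0


def make_legacy_users() -> dict:
    """Constructed sample rows, shaped like the old table would have stored them."""
    return {
        "akame": {"algo": ALGO_LEGACY, "salt": "k3Y9", "hash": legacy_md5_salt("hunter2", "k3Y9")},
        "yagmi": {"algo": ALGO_LEGACY, "salt": "Qz7p", "hash": legacy_md5_salt("bulli", "Qz7p")},
    }


if __name__ == "__main__":
    users = make_legacy_users()
    print(login(users, "akame", "hunter2"), users["akame"]["algo"])  # True pbkdf2
    print(login(users, "akame", "hunter2"))                          # True, now via the slow path
    print(login(users, "yagmi", "wrong"), users["yagmi"]["algo"])    # False md5 (not migrated)
    for c in (8, 10, 12, 14):
        print(f"cost {c}: {time_hash(c) * 1000:.1f} ms")
```

Two points worth noticing: a wrong password leaves the legacy record untouched (the attacker's guess must not trigger a rehash), and the old MD5 rows stay in the table until their owners log in, so the database dump still contains fast-to-crack hashes for dormant accounts until you expire or force-reset them.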
Lokorfi (Waifu)
05-26-2015, 02:04 PM
#6977
(05-26-2015, 01:09 PM)Yagmi Wrote: Why not just use MD5.salt?

Because it calculates fast as fuck compared to Bcrypt; modern systems can check 330MB of MD5 hashes every second.
Meanwhile our boss Bcrypt is fat as fuck, slow as fuck.

Let's look at the two methods and how fast they generate hashes.

MD5 ~ 0.008s
BCrypt ~ 0.012s // That's 1.5 times slower than MD5, which is good.

This was calculated with a work factor of 9, which can be edited based on your server performance, so it can be even slower if you so decide.

Why is slow good, you might ask?
It means that when a cracker who has obtained the hashes wants to crack your passwords, they are basically going to try to recreate the hash with as many different inputs/passwords as possible (either brute force/mask or a dictionary attack).

I almost thought this post was against Bcrypt until I realized that it was a defense.

Melancholy (Admin)
05-26-2015, 09:08 PM
#6996
Thanks Yagmi, that's a pretty good explanation.