bcrypt 加密算法

The prefix “$2a$” or “$2b$” (or “$2y$”) in a hash string in a shadow password file indicates that hash string is a bcrypt hash in modular crypt format.[3] The rest of the hash string includes the cost parameter, a 128-bit salt (base-64 encoded as 22 characters), and B184 bits of the resulting hash value (base-64 encoded as 31 characters).[4] The cost

Bcrypt basic

parameter specifies a key expansion iteration count as a power of two, which is an input to the crypt algorithm.

For example, the shadow password record :


specifies a cost parameter of 10, indicating 210 key expansion rounds. The salt is N9qo8uLOickgx2ZMRZoMye and the resulting hash is IjZAgcfl7p92ldGxad68LJZdL17lhWy. Per standard practice, the user’s password itself is not stored.



Bcrypt  vs Hash+salt

Both Bcrypt and hash+salt could prevent rainbow-table attack(which made the MD5 very vulnerable). In the Hash world, SHA(4 flavors) is better than MD5 in that it almost does not have collisions(collision is one of import reason MD5 is not secure since it is quite easy to generate collision in MD5).

Speed wise, bcrypt is ms level which is kind of slow if you have a lot of user login concurrently. hash+salt will be much faster though less secure.


如何生成安全的密码 Hash:MD5, SHA, PBKDF2, BCrypt 示例

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s