Hacker News new | past | comments | ask | show | jobs | submit login

Why not PBKDF2?



PBKDF2 is fine. bcrypt has better library support. I'd rather you used a bcrypt library than try to roll your own PBKDF2.


bcrypt is also slightly stronger than PBKDF2, since it requires a larger circuit to compute.

The only reason you would want to use PBKDF2 is if (a) you already have a hash and don't want to add blowfish to your code/circuit, or (b) you want to be standards-compliant.


According to the scrypt website, PBKDF2 is weaker as compared to bcrypt and scrypt: "We estimate that on modern (2009) hardware, if 5 seconds are spent computing a derived key, the cost of a hardware brute-force attack against scrypt is roughly 4000 times greater than the cost of a similar attack against bcrypt (to find the same password), and 20000 times greater than a similar attack against PBKDF2."


On .Net this is definitely the way to go.

http://msdn.microsoft.com/en-us/library/system.security.cryp...

Make sure to use the defaults or better in terms of rounds. The salt provided when you don't supply one is cryptographically random.


There is a .NET implementation of BCrypt:

http://bcrypt.codeplex.com/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: