I hate to tell you, but hashing passwords is no longer enough. Hackers, like us, have discovered how to combat even the strongest of hashing algorithms. Hackers utilizing Rainbow Tables, large tables of pre-computed hash digests, can compare and crack passwords faster than ever before. As if password security wasn’t hard enough, it just got worse.
All hope isn’t lost, yet at least. There is an answer to the disarray caused by rainbow tables. Not to be confused with table salt, rock salt, or sea salt, password salts are values appended to the plaintext pre-hash to generate a non-standard hash digest. By generating values that are non-standard to a certain algorithm, rainbow tables quickly become obsolete. You may be asking yourself, “but I don’t enter a salt when I put in my password to Facebook, how does this all work?”
This is where our unsung hero bCrypt comes into play. bCrypt is a Blowfish-inspired password-hashing function that has a couple of features to keep prying eyes away from our precious passwords. Following the previous discussion, bCrypt auto-magically creates a randomized salt every time it is used. Therefore, even when the same plaintext is entered into the bCrypt algorithm the hash digest is different. Here’s a small example of this utilizing the mkpasswd command and the plaintext “password123”.
bCrypt can look confusing at first glance, let’s attempt to break it down. The bCrypt algorithm doesn’t just plainly output a hash digest. Instead, it uses the dollar sign (“$”) to denote different segments of the output. The first segment, “$2b$,” is used to identify the hashing algorithm which we know to be bCrypt. The second segment, “$10$,” displays the “cost” of the algorithm. Our bCrypt digest tells us that this specific algorithm used 2^10 (1024) rounds of hashing. The rest of the digest is truly just a digest, or is it?
Let’s take a second to think before the answer is presented. By design, hashing algorithms are designed to output the same value, assuming the same input, every time. So how can you possibly verify a valid password for a web application if you’re using the bCrypt algorithm? This is where a lot of the confusion around bCrypt comes from.
There is a third and fourth segment that isn’t denoted by a dollar sign symbol. The third segment is a twenty-two-character salt value that gets concatenated with our original plaintext. We now can deduce that “AEJEMMqgHL8G4v83Y60JO5” is the salt for the first hash digest in our previous example. Yes, the only way to figure that out is to count- unless you’re a computer or good at guessing. The fourth segment is really simple, it’s just the bCrypt digest of the original plaintext with the salt. Let’s try to generate two identical hashes by using the same salt and the -S switch with mkpasswd.
Okay, that wasn’t too hard. To quickly recap, bCrypt denotes different segments of the digest using the dollar sign. The third segment is the salt value that gets added to the original plaintext and the fourth segment is just the actual hash digest output by bCrypt. What other security features does bCrypt implement to beef up our password security?
As stated previously, bCrypt was inspired by the Blowfish encryption algorithm. A critical piece of Blowfish is the expensive key setup process. Knowing how the key process is set up isn’t necessarily important to understand, however, just know that the expensive process makes brute-force attacks against Blowfish significantly slower. David Mazières and Niels Provos, the authors of bCrypt, understood the value of this process and implemented it within bCrypt. What does that mean for the average user? Despite rainbow tables, passwords have never been as secure as they are today thanks to bCrypt!