# bcrypt

> password-based key derivation function

**Wikidata**: [Q286896](https://www.wikidata.org/wiki/Q286896)  
**Wikipedia**: [English](https://en.wikipedia.org/wiki/Bcrypt)  
**Source**: https://4ort.xyz/entity/bcrypt

## Summary
bcrypt is a password-based key derivation function designed to securely hash passwords. It was created by Niels Provos in 1999 and is based on the Blowfish cipher. bcrypt incorporates a salt to protect against rainbow table attacks and is widely used in modern authentication systems.

## Key Facts
- Created by Niels Provos in 1999
- Based on the Blowfish cipher algorithm
- Maximum password size is 72 bytes
- Uses a salt to protect against rainbow table attacks
- Described in the paper "A Future-Adaptable Password Scheme" published at USENIX 1999
- Available as packages in Debian, Gentoo, and Homebrew
- Has an ITU/ISO/IEC object identifier of 1.0.9979.1
- Used as a Stack Exchange tag and discussed widely in security communities

## FAQs
### Q: What is bcrypt used for?
A: bcrypt is used to hash and securely store passwords in authentication systems. It transforms passwords into fixed-length strings that are computationally expensive to reverse, making it resistant to brute-force attacks.

### Q: How does bcrypt differ from other hashing algorithms?
A: bcrypt is specifically designed for password hashing with built-in salting and adjustable computational cost. Unlike general-purpose hash functions like SHA-256, bcrypt is intentionally slow to thwart brute-force attacks and includes a salt automatically.

### Q: What is the maximum password length for bcrypt?
A: bcrypt supports passwords up to 72 bytes in length. This limitation is due to the way the Blowfish cipher processes input data within the algorithm.

## Why It Matters
bcrypt revolutionized password security by introducing a deliberately slow hashing algorithm that could adapt to increasing computational power over time. Before bcrypt, many systems used fast cryptographic hash functions like MD5 or SHA-1 for password storage, which made them vulnerable to brute-force attacks as hardware improved. bcrypt's key innovation was making the hashing process intentionally expensive, requiring significant computational resources for each password attempt. This adaptive cost factor means that as computers get faster, the algorithm can be configured to remain slow enough to deter attackers. The algorithm's widespread adoption across operating systems, programming languages, and security frameworks has made it a cornerstone of modern authentication systems. Its influence extends beyond just bcrypt itself, inspiring subsequent password hashing algorithms like scrypt and Argon2 that build on the same principles of memory-hard, computationally expensive operations.

## Notable For
- First widely adopted password hashing function with built-in salting
- Introduced the concept of adjustable computational cost for password hashing
- Remains one of the most trusted password hashing algorithms after more than two decades
- Successfully resisted cryptanalysis attempts while maintaining practical performance
- Influenced the design of modern memory-hard password hashing algorithms

## Body
### Technical Foundation
bcrypt is built upon the Blowfish block cipher, a symmetric-key algorithm designed by Bruce Schneier in 1993. The algorithm modifies Blowfish's key schedule to create a one-way hash function suitable for password storage. This foundation provides both the cryptographic strength and the computational intensity that makes bcrypt effective.

### Security Features
The algorithm automatically generates and incorporates a 128-bit salt for each password hash, eliminating the need for developers to implement salting separately. This salt ensures that identical passwords produce different hashes, protecting against rainbow table attacks. The cost factor, typically represented as a number like 10 or 12, determines how many iterations the algorithm performs, directly affecting the time required to compute each hash.

### Implementation and Adoption
bcrypt has been implemented across numerous platforms and programming languages. It's available as the 'bcrypt' package in Debian and Gentoo Linux distributions, as a Homebrew formula, and as a Python package. The algorithm has been standardized with an ITU/ISO/IEC object identifier (1.0.9979.1), reflecting its widespread acceptance in the security community.

### Performance Characteristics
The computational cost of bcrypt can be adjusted by changing the cost factor, which determines the number of rounds the algorithm executes. Each increase in the cost factor roughly doubles the time required to compute a hash. This adaptability allows systems to maintain security as hardware capabilities improve, ensuring that password cracking remains computationally prohibitive even as attackers gain access to more powerful hardware.

## References

1. Freebase Data Dumps. 2013