[cryptography] Oddity in common bcrypt implementation
lloyd at randombit.net
Tue Jun 14 18:50:18 EDT 2011
On Tue, Jun 14, 2011 at 04:52:30PM -0500, Marsh Ray wrote:
> The first 7 chars "$2a$05$" are a configuration string. The subsequent
> 53 characters (in theory) contains a 128 bit salt and a 192 bit hash
> value. But 53 is an odd length (literally!) for a base64 string, as
> base64 uses four characters to encode three bytes.
> I don't see an official reference for the format of bcrypt hashes.
> There's the Usenix 99 paper, which is a great read in many ways, but
> it's not a rigorous implementation spec.
I discovered this a while back when I wrote a bcrypt implementation.
Unfortunately the only real specification seems to be 'what the
OpenBSD implementation does'. And the OpenBSD implementation also
does this truncation, which you can see in
encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext,
4 * BCRYPT_BLOCKS - 1);
Niels Provos is probably the only reliable source as to why this
truncation was done though I assume it was some attempt to minimize
padding bits or reduce the hash size.
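The field layout discussed above, worked through as an added example that is not part of the original thread or of the OpenBSD code: the encoder and decoder reimplement the bcrypt base64 alphabet ("./A-Za-z0-9", unpadded) following the grouping of OpenBSD's encode_base64, and the sample string is built from constructed salt and hash bytes rather than from a real bcrypt run. It shows where the 53 comes from (22 salt characters for 16 bytes plus 31 hash characters for the 23 bytes left after dropping one of the 24), and that keeping all 24 bytes would have produced an even 32 characters.

```python
# bcrypt string layout: "$2a$" + 2-digit cost + "$" + 22 salt chars + 31 hash chars = 60.
# Added example; BCRYPT_BLOCKS and the 4 * BCRYPT_BLOCKS - 1 length mirror the OpenBSD call
# quoted above, the helper names below are this example's own.
BCRYPT_B64 = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
BCRYPT_BLOCKS = 6                 # 6 x 32-bit words = 24 bytes of raw bcrypt output
SALT_LEN = 16                     # 128-bit salt
HASH_LEN = 4 * BCRYPT_BLOCKS - 1  # 23 bytes: the last output byte is dropped when encoding


def bcrypt_b64_encode(data: bytes) -> str:
    """Unpadded base64 in the bcrypt alphabet, grouped like OpenBSD's encode_base64."""
    out = []
    i, n = 0, len(data)
    while i < n:
        c1 = data[i]; i += 1
        out.append(BCRYPT_B64[c1 >> 2])
        c1 = (c1 & 0x03) << 4
        if i >= n:                      # 1 leftover byte -> 2 chars, 4 bits unused
            out.append(BCRYPT_B64[c1]); break
        c2 = data[i]; i += 1
        c1 |= c2 >> 4
        out.append(BCRYPT_B64[c1])
        c1 = (c2 & 0x0f) << 2
        if i >= n:                      # 2 leftover bytes -> 3 chars, 2 bits unused
            out.append(BCRYPT_B64[c1]); break
        c2 = data[i]; i += 1
        c1 |= c2 >> 6
        out.append(BCRYPT_B64[c1])
        out.append(BCRYPT_B64[c2 & 0x3f])
    return "".join(out)


def bcrypt_b64_decode(s: str, nbytes: int) -> bytes:
    """Decode exactly nbytes from the bcrypt alphabet, discarding the trailing unused bits."""
    idx = [BCRYPT_B64.index(ch) for ch in s]   # ValueError on a character outside the alphabet
    out = bytearray()
    i = 0
    while len(out) < nbytes and i + 1 < len(idx):
        c1, c2 = idx[i], idx[i + 1]; i += 2
        out.append(((c1 << 2) | (c2 >> 4)) & 0xff)
        if len(out) >= nbytes or i >= len(idx): break
        c3 = idx[i]; i += 1
        out.append(((c2 << 4) | (c3 >> 2)) & 0xff)
        if len(out) >= nbytes or i >= len(idx): break
        c4 = idx[i]; i += 1
        out.append(((c3 << 6) | c4) & 0xff)
    if len(out) != nbytes:
        raise ValueError("too few base64 characters for %d bytes" % nbytes)
    return bytes(out)


def parse_bcrypt(hash_str: str) -> dict:
    """Split a 60-character $2a$ string into its fields; ValueError on any layout error."""
    if len(hash_str) != 60 or not hash_str.startswith("$2a$") or hash_str[6] != "$":
        raise ValueError("not a $2a$ bcrypt string")
    cost = int(hash_str[4:6])
    payload = hash_str[7:]              # the 53 "odd-length" characters
    salt_chars, hash_chars = payload[:22], payload[22:]
    return {
        "cost": cost,
        "salt": bcrypt_b64_decode(salt_chars, SALT_LEN),
        "hash": bcrypt_b64_decode(hash_chars, HASH_LEN),
        "salt_chars": len(salt_chars),
        "hash_chars": len(hash_chars),
    }


def build_bcrypt(cost: int, salt: bytes, raw_hash: bytes) -> str:
    """Assemble the string the OpenBSD way: 24 raw output bytes are cut to 23 before encoding."""
    return "$2a$%02d$" % cost + bcrypt_b64_encode(salt) + bcrypt_b64_encode(raw_hash[:HASH_LEN])


# Constructed sample values (not real bcrypt output): 16 salt bytes and 24 "hash" bytes.
SAMPLE_SALT = bytes(range(16))
SAMPLE_RAW = bytes(range(100, 124))
SAMPLE_HASH = build_bcrypt(5, SAMPLE_SALT, SAMPLE_RAW)

if __name__ == "__main__":
    fields = parse_bcrypt(SAMPLE_HASH)
    print(SAMPLE_HASH, len(SAMPLE_HASH))
    print("cost", fields["cost"], "salt", fields["salt"].hex(), "hash", fields["hash"].hex())
    print("23 bytes ->", len(bcrypt_b64_encode(bytes(23))), "chars; 24 bytes ->",
          len(bcrypt_b64_encode(bytes(24))), "chars")
```

Two details worth noting when verifying hashes from other implementations: the decoder takes the number of bytes it must produce as a parameter, because the unpadded encoding leaves 4 unused bits after the 22nd salt character and 2 after the 31st hash character, so the byte count cannot be recovered from the character count alone; and the length check is on the whole 60-character string, so a 32-character hash field (all 24 bytes kept) is rejected rather than silently mis-split.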