5

I understand how to write PHP code to successfully utilize BCrypt. So, I don't need help getting it to work.

Instead, I need help understanding how in the heck BCrypt magically works!

In this code, on line 15, in order to verify if the login password == the original (and now hashed/salted) password, it looks to me like you are just (a) creating a new hashed/salted value using the login password and the original (and now hashed/salted) password, and then (b) comparing the value created in (a) to the original (and now hashed/salted) password. I don't understand how these can ever be equal, but they are!

For example, let's say a user signs up with a password of test, which let's say (for simplicity) gets hashed/salted to 1234.

A day later, the user tries to login (using 1234), and we need to authenticate them. To do so, we execute the code on line 15. This means that we do the following:

crypt("test", "1234") == "1234"

How in the heck does hashing/salting test with a NEW SALT VALUE (in this case 1234) result in a match?

At this point, this question is mostly just a brain teaser for me. ;)

filmnut
  • 746
  • 1
  • 7
  • 16
  • 2
    That salt generation is utter crap. – PeeHaa Jan 04 '14 at 17:52
  • 1
    Not an answer, but really stop using those crappy 3rd party codes. And use the native [password hashing API](http://www.php.net/manual/en/ref.password.php) in PHP. – PeeHaa Jan 04 '14 at 18:10
  • Have a look at this answer, I think it will make you understand better how a bcrypt hash is composed : http://stackoverflow.com/a/10933491/165055 – MaxiWheat Jan 04 '14 at 19:28
  • Instead of hacking code together, use the [password functions](http://php.net/password) introduced with PHP 5.5 ([compat code](https://github.com/ircmaxell/password_compat) available for PHP >= 5.3.7) – Lekensteyn Jan 04 '14 at 22:19

1 Answers1

5

Bcrypt hashing depends on the password and the salt and (like any hashing algorithm) it is fully deterministic.

If the password and the salt are the same, the result will be the same. If either the password or the salt changes, the result will change.

When you use crypt($password, $hashedPassword), bcrypt is not using the hashed password as the salt. It is extracting the salt from the hashed password and then using that.

The result of crypt is $2y$number$salt-hashedpassword, so if you take the beginning of the hashed password you get the original salt.

Note how the result of crypt($password, $salt) starts with the value of $salt.

luiscubal
  • 24,773
  • 9
  • 57
  • 83