0

I have been wondering which secure hashing algorithm for hashing of passwords in the windows store 8.1 application which I'm working on right now. After reading various articles () for last 2 days confused to chose one. Most of them say, MD5, SHA 1 is broken which being shipped with .net framework. some say SHA 2 (either 256, 512) is ok whereas other say it vulnerable too. while PBKDF, bcrypt, scrypt being recommended but they are slow when it comes to performance. Now confused which algorithm to choose considering security, compatibility, etc. Is there any new solutions .net 4.5 provides or shipped with C# 6.0?

If bcrypt.net is to be used, what need to be set as work factor (ie how many iterations recommended minimum)?

Community
  • 1
  • 1
Novice Programmer
  • 423
  • 3
  • 15
  • IMO it depends for which task you need it. Hashing to local store hashed passwords to access game data is pretty different than hashing support files to validate them or to detect changes in file content or... – Adriano Repetti Dec 17 '14 at 08:51
  • Note the "say it vulnerable too" link is *specifically* about hashing passwords: "This means that they are fantastic for ensuring the integrity of data and utterly rubbish for storing passwords." You haven't told us what you're trying to hash. – Jon Skeet Dec 17 '14 at 08:56
  • sorry I missed those details. Its for hashing the passwords. – Novice Programmer Dec 17 '14 at 09:40

0 Answers0