mbcrypt

package
v0.0.0-...-aae4de3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 6, 2019 License: MIT Imports: 5 Imported by: 0

README

Go implemention of mbcrypt.

Documentation

Overview

mbcrypt is a KDF which increases the cost of guessing attacks by executing the hash (bcrypt) in multiple threads. Since multi-core processors are commonplace there is no time penalty for the defender, but the attack efficiency is reduced by a factor of N (where N is the number of threads).

Each thread operates on a different version of the password and salt (sha256). When all threads finish, the results are combined with sha256 to produce 32 bytes. Since the plain-text password is first hashed with sha256, it is not subject 

to bcrypt's 72 character limit.

Most applications will be better off using a memory-hard KDF like Argon2.

Index

Constants

View Source 
const BcryptSaltLen = 16

Salt must be exactly this number of bytes

View Source 
const OutputSize = 32

The number of bytes returned by Hash()

Variables

This section is empty.

Functions

func Hash 

func Hash(nThreads int, plaintextPassword []byte, salt []byte, cost int) ([]byte, error)

Hash given password with N threads (1-32). There is no length limit on the password because it is first hashed with sha256 before it goes into bcrypt. The output hash is always 32 bytes.

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis
Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm.
 Package bcrypt implements Provos and Mazières's bcrypt adaptive hashing algorithm.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.