banoo-7011 asked YijingSun-MSFT commented

Question about salt in Bcrypt

Hello, good day.
I use bcrypt to encrypt passwords in .NET MVC (C#).
In sign-up, I use the following code:

  string salt = BCrypt.Net.BCrypt.GenerateSalt(12);
  string hashedPassword = BCrypt.Net.BCrypt.HashPassword(enteredPassword, salt);

At this point, the hashedPassword is stored in the database.

The question I have at this stage is whether salt needs to be stored in the database?

I also use the following code in the login:

  // hashedPassword is read from the database
  bool verify = BCrypt.Net.BCrypt.Verify(password, hashedPassword, false, hashType: BCrypt.Net.HashType.SHA512);

  if (verify)
  {
      // login succeeded
  }
  else
  {
      // login failed
  }

The next question is whether the verification was done correctly. Should I not use the salt at this stage?
I did not use the salt in the login.


And the last question is whether it is correct to use hashType: HashType.SHA512 and enhancedEntropy: false in the Verify function. Are these settings the best settings?

Tags: dotnet-csharp, dotnet-aspnet-mvc

The question I have at this stage is whether salt needs to be stored in the database?

By definition, salts are random bytes added to a password before it is hashed. The salt must be saved otherwise the hash cannot be recreated.

The next question is whether the verification was done correctly? Should I not use salt at this stage? I did not use salt in the login

According to the docs, Bcrypt is a password hasher which uses a salt. It's not clear how bcrypt is used to hash a password without a salt.

And the last question is whether it is correct to use hashType: HashType.SHA512 and enhancedEntropy: false in the verify function? Are these settings the best settings?

Are you asking about a bcrypt library? SHA512 is a fast hash; bcrypt is a slow hash. It takes longer to brute force bcrypt than SHA512. Frankly, configuring iterations is a feature of bcrypt. Set aside time to read the documentation and learn the definitions of the terms.


By definition, salts are random bytes added to a password before it is hashed. The salt must be saved otherwise the hash cannot be recreated.

According to you, I have to save the salt in the database and use it like this when logging in.
Is that true?


  // salt is read from the database, for example: $2a$12$ncjskFMRG08WaoGrZkXhGe
  string salt = /* read from the database */ "$2a$12$ncjskFMRG08WaoGrZkXhGe";
  // hashedPassword_db is the HashedPassword read from the database (storedHash is a placeholder name)
  string hashedPassword_db = storedHash;

  string enteredHashedPassword = BCrypt.Net.BCrypt.HashPassword(enteredPassword, salt);

  bool verify = BCrypt.Net.BCrypt.Verify(enteredHashedPassword, hashedPassword_db, false, hashType: BCrypt.Net.HashType.SHA512);


I did this, but even though hashedPassword_db and enteredHashedPassword are the same, the Verify function returns false


According to you, I have to save the salt in the database and use it like this when logging in. it's true?

I simply provided the definition. A salt is an array of random bytes added to a password before it is hashed. The original salt is required to get the original hash value from the hash algorithm. Logically, the salt must be saved somewhere.

I did this, but even though hashedPassword_db and enteredHashedPassword are the same, the Verify function returns false

I'm not particularly familiar with the bcrypt library you are using. If we assume the bcrypt library is bug free, that means there is something wrong with your implementation. You did not share enough code to guess where the mistake is located. Please run your logic through the debugger.

cheong00 answered cheong00 commented

Actually, if you check the source, HashPassword(inputKey) is equal to HashPassword(inputKey, GenerateSalt()); therefore you know you shouldn't need to store it, or HashPassword(inputKey) as a function would be useless.

For both HashPassword() and Verify(), if you do not pass the hashType parameter, it will use DefaultEnhancedHashType as default which is SHA384. Therefore if you try to do Verify() with HashType.SHA512 as parameter it will not match.



As for best practice, lots of the ideas in this article are still relevant. Jump to the "Frequently Asked Questions" section if TL;DR.

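Putting the two answers so far into one runnable example (added here; it is my code, not from the thread or from the BCrypt.Net project), assuming the BCrypt.Net-Next NuGet package, whose class is BCrypt.Net.BCrypt as in the question. It stores only the string HashPassword returns, logs in with Verify against that string, and then reproduces the two ways the calls in this thread go wrong: passing a freshly computed hash as the text argument of Verify, and hashing with enhancedEntropy true but verifying with it false. The password value is a constructed sample.

```csharp
using System;
using BCrypt.Net;              // HashType
using BC = BCrypt.Net.BCrypt;  // alias for the static class; BCrypt.Net-Next package assumed

static class PasswordStore
{
    const int WorkFactor = 12;  // cost 2^12, the same as GenerateSalt(12) in the question

    // Sign-up. HashPassword(password, workFactor) draws a random salt internally and returns
    // "$2a$12$" + 22 salt characters + 31 hash characters, so the salt travels inside the
    // hash string. This single string is the only value that needs a database column.
    public static string Register(string password) => BC.HashPassword(password, WorkFactor);

    // Login. First argument: the plaintext the user typed. Second: the stored string.
    // Verify reads the cost and salt back out of the stored string, re-hashes and compares.
    public static bool Login(string enteredPassword, string storedHash) => BC.Verify(enteredPassword, storedHash);
}

static class Demo
{
    static void Main()
    {
        const string password = "correct horse battery staple";  // constructed sample input
        string stored = PasswordStore.Register(password);

        Console.WriteLine($"stored:            {stored}");
        Console.WriteLine($"login, right pw:   {PasswordStore.Login(password, stored)}");
        Console.WriteLine($"login, wrong pw:   {PasswordStore.Login("123", stored)}");

        // Mistake 1 (the second comment under the question): re-hash the entered password
        // with the stored salt, then hand that hash to Verify as the text. The two strings
        // are identical, but Verify hashes its text argument again, so it cannot match.
        string salt = stored.Substring(0, 29);   // "$2a$12$" + the 22 salt characters
        string rehashed = BC.HashPassword(password, salt);
        Console.WriteLine($"rehash == stored:  {rehashed == stored}");
        Console.WriteLine($"Verify(rehash):    {BC.Verify(rehashed, stored)}");

        // Mistake 2: enhancedEntropy (and, when it is true, hashType) must be the same at
        // sign-up and at login. An "enhanced" hash pre-hashes the password before bcrypt,
        // so it does not verify as a plain one.
        string enhanced = BC.HashPassword(password, BC.GenerateSalt(WorkFactor), true, HashType.SHA512);
        Console.WriteLine($"enhanced/enhanced: {BC.Verify(password, enhanced, true, HashType.SHA512)}");
        Console.WriteLine($"enhanced/plain:    {BC.Verify(password, enhanced)}");
    }
}
```

Run as a console project with the package referenced: the first login prints True, the wrong password False; `rehash == stored` is True while `Verify(rehash)` is False; the enhanced hash verifies only when the same flag and HashType are passed. One caveat on the question's own call: as I read the BCrypt.Net-Next source, the hashType argument is only consulted when enhancedEntropy is true (it selects the pre-hash), so `Verify(password, hash, false, hashType: HashType.SHA512)` behaves like `Verify(password, hash)`; whichever pair of settings you choose, use the identical pair at sign-up and at login.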
YijingSun-MSFT answered YijingSun-MSFT commented

Hi @banoo-7011 ,

From a description of bcrypt at Wikipedia: ... The rest of the hash string includes the cost parameter, a 128-bit salt (Radix-64 encoded as 22 characters), and 184 bits of the resulting hash value (Radix-64 encoded as 31 characters). So the salt is automatically included in the output string which means there is no need to add it by yourself.
When someone tries to authenticate, retrieve the stored cost and salt. Derive a key from the input password, cost and salt. Encrypt the same well-known string. If the generated cipher text matches the stored cipher text, the password is a match.

Bcrypt operates in a very similar manner to more traditional schemes based on algorithms like PBKDF2. The main difference is its use of a derived key to encrypt known plain text;
The function HashPassword has prepended the salt to the password hash, so if you store the output of this, you are storing the salt.
Best regards,
Yijing Sun



Thank you @YijingSun-MSFT

I knew there was no need to store the salt in the database.
Now my question is: when logging in, is the following code sufficient and correct?

  // hashedPassword is read from the database
  // enteredPassword is the password the user entered at login, for example: 123

  bool verify = BCrypt.Net.BCrypt.Verify(enteredPassword, hashedPassword, false, hashType: BCrypt.Net.HashType.SHA512);

  if (verify)
  {
      // login succeeded
  }
  else
  {
      // login failed
  }
Hi @banoo-7011 ,
As far as I think, the hashedPassword is not read from the database.
I think it just like this:

   // salt comes from BCrypt.Net.BCrypt.GenerateSalt(12); the same flags are used for hashing and verifying
   string hashed = BCrypt.Net.BCrypt.HashPassword(password, salt, enhancedEntropy: true, hashType: BCrypt.Net.HashType.SHA512);
   var validateHashCheck = BCrypt.Net.BCrypt.Verify(password, hashed, enhancedEntropy: true, hashType: BCrypt.Net.HashType.SHA512);

Best regards,
Yijing Sun

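To make the layout quoted from Wikipedia in the answer above concrete, here is an added example (my code, not from the thread or the BCrypt.Net project) that splits a stored bcrypt string into version, cost, the 22-character salt and the 31-character digest, rebuilds the salt string that HashPassword accepts, and shows that re-hashing the candidate password with it reproduces the stored string exactly, which is what Verify does internally. It assumes the BCrypt.Net-Next package and C# 9 or later (for `record`); the password is a constructed sample.

```csharp
using System;
using BC = BCrypt.Net.BCrypt;  // BCrypt.Net-Next assumed; used only to create and recompute a hash

// The four pieces of a bcrypt string: "$" version "$" two-digit cost "$" 22 salt characters
// (128 bits, Radix-64) immediately followed by 31 digest characters (184 bits, Radix-64).
record BcryptParts(string Version, int Cost, string Salt, string Digest)
{
    // The 29-character prefix that HashPassword accepts as its salt argument.
    public string SaltString => $"${Version}${Cost:D2}${Salt}";
}

static class BcryptFormat
{
    public static BcryptParts Parse(string stored)
    {
        if (stored is null || stored.Length != 60 || stored[0] != '$')
            throw new FormatException("not a 60-character bcrypt string");

        // Fields are '$'-separated: "", "2a", "12", "<22 salt chars><31 digest chars>".
        string[] fields = stored.Split('$');
        if (fields.Length != 4 || fields[3].Length != 53)
            throw new FormatException("unexpected bcrypt layout");

        string version = fields[1];  // "2a", "2b" or "2y"
        if (fields[2].Length != 2 || !int.TryParse(fields[2], out int cost) || cost < 4 || cost > 31)
            throw new FormatException("cost must be two digits in the range 04..31");

        return new BcryptParts(version, cost, fields[3].Substring(0, 22), fields[3].Substring(22));
    }

    // What Verify does under the hood: hash the candidate with the stored cost and salt and
    // compare the complete output with the stored string. The '==' here is an ordinary
    // string comparison for illustration; the library itself compares in constant time.
    public static bool Recompute(string candidate, string stored)
    {
        BcryptParts parts = Parse(stored);
        return BC.HashPassword(candidate, parts.SaltString) == stored;
    }
}

static class Demo
{
    static void Main()
    {
        string stored = BC.HashPassword("123", BC.GenerateSalt(12));  // constructed sample
        BcryptParts p = BcryptFormat.Parse(stored);

        Console.WriteLine($"version={p.Version} cost={p.Cost}");
        Console.WriteLine($"salt   ({p.Salt.Length} chars) = {p.Salt}");
        Console.WriteLine($"digest ({p.Digest.Length} chars) = {p.Digest}");
        Console.WriteLine($"salt string for HashPassword = {p.SaltString}");
        Console.WriteLine($"recompute, right password: {BcryptFormat.Recompute("123", stored)}");
        Console.WriteLine($"recompute, wrong password: {BcryptFormat.Recompute("124", stored)}");
        Console.WriteLine($"library Verify agrees:     {BC.Verify("123", stored)}");
    }
}
```

The salt printed here is the same 22 characters that the question's example value `$2a$12$ncjskFMRG08WaoGrZkXhGe` carries after its third `$`, which is why a separate salt column is redundant: the stored string already contains it. Keep Parse for inspection and migration checks (for example, finding rows whose cost is below your current work factor); use the library's Verify for actual logins.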