Is the speed of Bcrypt encryption slow?

Source: Internet
Author: User
Bcrypt is slower than md5 Encryption By times. Does it mean that Bcrypt is a weakness? After all, the md5 of the salt is still not easy to crack. Bcrypt is slower than md5 Encryption By times. Does it mean that Bcrypt is a weakness?
After all, the md5 of the salt is still not easy to crack.

Reply content:

Bcrypt is slower than md5 Encryption By times. Does it mean that Bcrypt is a weakness?
After all, the md5 of the salt is still not easy to crack.

First, I don't know what the landlord saidBcrypt is tens of thousands of times slower than md5 EncryptionHow does it come from.

Running 1000 times on my Macbook is about 100,000 times

My point is: Since encryption, isn't the goal of security the heaviest? Although we will encounter a balance between security and speed, I will still prefer to choose security. Otherwise, what do the people who come up with Bcrypt think about? Just a matter of speed, let's talk about Bcrypt, I think this is inappropriate.

Md5 salt value I do not advocate use: details of my article: http://segmentfault.com/a/1190000003024932

Depends on your specific use scenario.

Md5 encryption is fast. When the password only has a combination of lower-case letters and numbers, a good PC can cite all the passwords within 40 s.
Although Bcrypt is slow, it is not slow in verifying user passwords.

Bcrypt uses a series of different Blowfish encryption algorithms and introduces a work factor, which allows you to determine the cost of this algorithm. Because of this, the algorithm will not be faster because of the computer's CPU processing speed, which will shorten the algorithm time. Because you can increase the work factor to lower the performance.

How slow is bcrypt? If we compare it with MD5, if we use a work factor of 12, if we encrypt "cool", bcrypt takes 0.3 seconds, MD5 takes only one microsecond (one second per million ). That is to say, it takes only 40 seconds to complete all possible MD5-encoded password algorithms. It takes 12 years to use bcrypt.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.