Question about salt in Bcrypt

Question

Question about salt in Bcrypt

banoo 1

Hello. Good time
I use bcrypt to encrypt passwords in .net mvc(c#)
In sign-up, I use the following code:

 string salt = BCrypt.Net.BCrypt.GenerateSalt(12);
string hashedPassword = BCrypt.Net.BCrypt.HashPassword(enteredPassword, salt);

and At this point, the hashedPassword is stored in the database

The question I have at this stage is whether salt needs to be stored in the database?

I also use the following code in the login:

--hashedPassword is read from the database
bool verify = BCrypt.Net.BCrypt.Verify(password, hashedPassword,false, hashType : HashType.SHA512);


    if (verify)
    {
    }
    else
    {
    }

The next question is whether the verification was done correctly? Should I not use salt at this stage?
I did not use salt in the login

And the last question is whether it is correct to use hashType: HashType.SHA512 and enhancedEntropy: false in the verify function? Are these settings the best settings?

AgaveJoe 31,361 Reputation points

2021-06-23T10:33:35.683+00:00

The question I have at this stage is whether salt needs to be stored in the database?

By definition, salts are random bytes added to a password before it is hashed. The salt must be saved otherwise the hash cannot be recreated.

The next question is whether the verification was done correctly? Should I not use salt at this stage? I did not use salt in the login

According to the docs, Bcrypt is a password hasher which uses a salt. It's not clear how bcrypt is used to hash a password without a salt.

And the last question is whether it is correct to use hashType: HashType.SHA512 and enhancedEntropy: false in the verify function? Are these settings the best settings?

Are you asking about a bcrypt library? SHA512 is a fast hash bcrypt is a slow hash. It takes longer to brute force bcrypt than SHA512. Frankly, configuring iterations is a feature in bcrypt. Set aside time to read the documentation and learn the definitions of the terms.
banoo 1 Reputation point

2021-06-23T15:52:21.893+00:00
By definition, salts are random bytes added to a password before it is hashed. The salt must be saved otherwise the hash cannot be recreated.

According to you, I have to save the salt in the database and use it like this when logging in.
it's true?

string salt = salt is read from the database //for example: $2a$12$ncjskFMRG08WaoGrZkXhGe string hashedPassword_db= HashedPassword is read from the database string enteredHashedPassword = BCrypt.Net.BCrypt.HashPassword(enteredPassword, salt); bool verify = BCrypt.Net.BCrypt.Verify(enteredHashedPassword, hashedPassword_db,false, hashType : HashType.SHA512);

I did this, but even though hashedPassword_db and enteredHashedPassword are the same, the Verify function returns false
AgaveJoe 31,361 Reputation points

2021-06-23T16:11:20.39+00:00

According to you, I have to save the salt in the database and use it like this when logging in. it's true?

I simply provided the definition. A salt is an array of random bytes added to a password before it is hashed. The original salt is required to get the origianl hash value from the hash algorithm. Logically, the salt must be saved somewhere.

I did this, but even though hashedPassword_db and enteredHashedPassword are the same, the Verify function returns false

I'm not particularly familiar with the bcrypt library you are using. If we assume the bcrypt library is bug free, that means there is something wrong with your implementation. You did not share enough code to guess where the mistake is located. Please run your logic through the debugger.
banoo 1 Reputation point

2021-06-23T17:09:31.8+00:00

The original salt is required to get the origianl hash value from the hash algorithm. Logically, the salt must be saved somewhere.

Salt is stored as part of the encrypted salt +password and is placed up to 22 characters after the third $.
Therefore, if I am not mistaken, there is no need to register the salt separately
AgaveJoe 31,361 Reputation points

2021-06-23T19:21:12.86+00:00

Salt is stored as part of the encrypted salt +password and is placed up to 22 characters after the third $. Therefore, if I am not mistaken, there is no need to register the salt separately

I think you still misunderstand the general terms and definitions. Hashing is a one way operation. A password is cannot be retrieved once it has been hashed. In order to validate a hashed password the same password must be passed through the same hashing operation as the original. The two hashes are compared. If the original hashing function added a random string to the password then you must save the random string otherwise you cannot never get the same hash results.

On the other hand, an encrypted string can be decrypted. In this case a salt does not make much sense unless you are trying to obfuscate the password.

Share code that reproduces this issue if need help with your code.

2 answers

Your answer

AgaveJoe 31,361 Reputation points

2021-06-23T10:33:35.683+00:00

The question I have at this stage is whether salt needs to be stored in the database?

By definition, salts are random bytes added to a password before it is hashed. The salt must be saved otherwise the hash cannot be recreated.

The next question is whether the verification was done correctly? Should I not use salt at this stage? I did not use salt in the login

According to the docs, Bcrypt is a password hasher which uses a salt. It's not clear how bcrypt is used to hash a password without a salt.

And the last question is whether it is correct to use hashType: HashType.SHA512 and enhancedEntropy: false in the verify function? Are these settings the best settings?

Are you asking about a bcrypt library? SHA512 is a fast hash bcrypt is a slow hash. It takes longer to brute force bcrypt than SHA512. Frankly, configuring iterations is a feature in bcrypt. Set aside time to read the documentation and learn the definitions of the terms.
banoo 1 Reputation point

2021-06-23T15:52:21.893+00:00

By definition, salts are random bytes added to a password before it is hashed. The salt must be saved otherwise the hash cannot be recreated.

According to you, I have to save the salt in the database and use it like this when logging in.
it's true?

string salt = salt is read from the database //for example: $2a$12$ncjskFMRG08WaoGrZkXhGe string hashedPassword_db= HashedPassword is read from the database string enteredHashedPassword = BCrypt.Net.BCrypt.HashPassword(enteredPassword, salt); bool verify = BCrypt.Net.BCrypt.Verify(enteredHashedPassword, hashedPassword_db,false, hashType : HashType.SHA512);

I did this, but even though hashedPassword_db and enteredHashedPassword are the same, the Verify function returns false
AgaveJoe 31,361 Reputation points

2021-06-23T16:11:20.39+00:00

According to you, I have to save the salt in the database and use it like this when logging in. it's true?

I simply provided the definition. A salt is an array of random bytes added to a password before it is hashed. The original salt is required to get the origianl hash value from the hash algorithm. Logically, the salt must be saved somewhere.

I did this, but even though hashedPassword_db and enteredHashedPassword are the same, the Verify function returns false

I'm not particularly familiar with the bcrypt library you are using. If we assume the bcrypt library is bug free, that means there is something wrong with your implementation. You did not share enough code to guess where the mistake is located. Please run your logic through the debugger.
banoo 1 Reputation point

2021-06-23T17:09:31.8+00:00

The original salt is required to get the origianl hash value from the hash algorithm. Logically, the salt must be saved somewhere.

Salt is stored as part of the encrypted salt +password and is placed up to 22 characters after the third $.
Therefore, if I am not mistaken, there is no need to register the salt separately
AgaveJoe 31,361 Reputation points

2021-06-23T19:21:12.86+00:00

Salt is stored as part of the encrypted salt +password and is placed up to 22 characters after the third $. Therefore, if I am not mistaken, there is no need to register the salt separately

I think you still misunderstand the general terms and definitions. Hashing is a one way operation. A password is cannot be retrieved once it has been hashed. In order to validate a hashed password the same password must be passed through the same hashing operation as the original. The two hashes are compared. If the original hashing function added a random string to the password then you must save the random string otherwise you cannot never get the same hash results.

On the other hand, an encrypted string can be decrypted. In this case a salt does not make much sense unless you are trying to obfuscate the password.

Share code that reproduces this issue if need help with your code.

Answer 1

Yijing Sun-MSFT 7,106

Hi @banoo ,

From a description of bcrypt at Wikipedia: ... The rest of the hash string includes the cost parameter, a 128-bit salt (Radix-64 encoded as 22 characters), and 184 bits of the resulting hash value (Radix-64 encoded as 31 characters). So the salt is automatically included in the output string which means there is no need to add it by yourself.
When someone tries to authenticate, retrieve the stored cost and salt. Derive a key from the input password, cost and salt. Encrypt the same well-known string. If the generated cipher text matches the stored cipher text, the password is a match.

Bcrypt operates in a very similar manner to more traditional schemes based on algorithms like PBKDF2. The main difference is its use of a derived key to encrypt known plain text;
The function HashPassword has prepended the salt to the password hash, so if you store the output of this, you are storing the salt.
Best regards,
Yijing Sun

If the answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our  documentation  to enable e-mail notifications if you want to receive the related email notification for this thread.

banoo 1

Thank you @Yijing Sun-MSFT

I knew there was no need to store salt in the database.
Now my question is when logging in, are the following codes sufficient and correct?

--hashedPassword is read from the database  
--enteredPassword: The password entered by the user is login. For example: 123  

 bool verify = BCrypt.Net.BCrypt.Verify(enteredPassword, hashedPassword,false, hashType : HashType.SHA512);  
          
          
     if (verify)  
     {  
     }  
     else  
     {  
     }

Yijing Sun-MSFT 7,106 Reputation points

2021-06-28T07:40:28.02+00:00
Hi @banoo ,
As far as I think,the hashedPassword is not read from the database.
I think it just like this:

string hashed = BCrypt.HashPassword(password, salt, enhancedEntropy: true, HashType.SHA512); var validateHashCheck = BCrypt.Verify(password, hashed, true, HashType.SHA512);

Best regards,
Yijing Sun

Answer 2

cheong00 3,491 Volunteer Moderator

Actually if you check the source, HashPassword(inputKey) is equal to HashPassword(inputKey, GenerateSalt()), therefore you know you shouldn't need to store it or HashPassword(inputKey) as a function would be useless.

For both HashPassword() and Verify(), if you do not pass the hashType parameter, it will use DefaultEnhancedHashType as default which is SHA384. Therefore if you try to do Verify() with HashType.SHA512 as parameter it will not match.

cheong00 3,491 Reputation points Volunteer Moderator

2021-06-24T03:41:23.637+00:00

As for best practice, lots of ideas in this article is still relevant. Jump to "Frequently Asked Questions" section if TL;DR.

Share via

Question about salt in Bcrypt

2 answers

Your answer