2

I've a dumb question (and probably has been already asked):

People always compare between BCrypt and PBKDF2 and say that BCrypt is better because it is for example slower to use GPU, but they ignore the Rounds value, espetially when i talk about Python, where BCrypt is not powerful, so my question is simple:

The tests used the excellent python library Passlib

is it worth to use BCrypt even with small round value? in Passlib, the default value is 12, tested and gave me 0.40 seconds, while PBKDF2 gave me with the default value which is 12000 rounds: 0.142 seconds

so for example, if i use BCrypt with only 5 rounds, i'll say: hey, my application is more secure -and faster- than using PBKDF2 with 12000 rounds! (it seems dumb i know, sorry).

here is the benchmark results

Community
  • 1
  • 1
Abdelouahab Pp
  • 4,252
  • 11
  • 42
  • 65

1 Answers1

2

Note that the actual number of iterations in bcrypt is 2^rounds, so for example rounds=5 -> iterations=32, and the default rounds=12 -> iterations=4096. When comparing between bcrypt and pbkdf2, make sure that they mean the same thing when they say "rounds".

General rule on bcrypt is to use the largest value for rounds that you can afford, in terms of user logon not being annoyingly slow. Your test of 0.4 seconds sounds like you have it about right.

rossdavidh
  • 1,966
  • 2
  • 22
  • 33
  • 1
    from what i've found, it seems developpers follow current year: multiple of 1000 `(12*1000)` for 2012, and `2^12` for bcrypt – Abdelouahab Pp Mar 11 '13 at 21:40