
Given that the rule of thumb is to store salted hashes of the password string, not the encrypted form of it, why does the PHP crypt() function use the DES-based algorithms? Isn't DES an encryption algorithm? The manual says

... crypt() will return a hashed string using the standard Unix DES-based algorithm or alternative algorithms that may be available on the system ...

What I understand from here is that crypt() only uses the algorithm as implemented by the system. And surely DES is implemented as an encryption algorithm rather than a custom hashing algorithm for crypt.

PS - I know that DES was way back in the past and nobody should use it anymore.

Amal Murali
user1720897
  • This question appears to be off-topic because it is about why the authors of php choose to write a function as they did. –  Mar 09 '14 at 20:24
  • Yep, DES is an encryption algorithm. But Blowfish is too, and it’s the basis of bcrypt! I’m going to go find out exactly how things are fed back into each other to make them hashing algorithms before accidentally giving you misinformation, though. – Ry- Mar 09 '14 at 20:25
  • @Dagon: It's a perfectly valid question. Your close reason doesn't make any sense. – Amal Murali Mar 09 '14 at 20:26

1 Answer


The idea of DES-based password hashing is, basically, to encrypt a block of zeroes with the password and passed salt for some number of rounds. Any half-decent encryption makes key recovery hard even in the face of known plaintext, so that’s why it’s possible to make strong password hashes out of encryption functions.

I think the PHP default is compatible with this scheme.

Ry-
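As an added example (not part of the original question or answer), the following PHP shows the consequences of the scheme the answer describes when it is reached through PHP's own crypt(): a two-character salt selects the traditional DES-based variant, the 56-bit DES key is built from at most 8 password bytes so longer passwords are silently truncated, and the salt changes the result for the same password. The salt values are hard-coded only to keep the run deterministic; real code must generate them randomly, or better, avoid crypt() entirely as the last lines show.

```php
<?php
// Added example, not from the original post. PHP's crypt() with a
// two-character salt from [./0-9A-Za-z] selects CRYPT_STD_DES, the
// traditional Unix scheme: DES-encrypt a zero block 25 times with a
// key derived from the password, with the salt perturbing the cipher.

// Fixed salt so the output is reproducible; never do this in production.
$salt = 'ab';

// Traditional DES crypt uses only the first 8 bytes of the password, so
// "password1" and "password2" both collapse to the key for "password".
$h1 = crypt('password1', $salt);
$h2 = crypt('password2', $salt);
var_dump(strlen($h1) === 13);            // true: 2 salt chars + 11 hash chars
var_dump(hash_equals($h1, $h2));         // true: characters past the 8th are ignored

// The 12-bit salt (2 chars x 6 bits) still changes the output for the same
// password, which is what defeats a single precomputed table.
var_dump(hash_equals($h1, crypt('password1', 'cd')));  // false

// What to use today: password_hash() picks bcrypt (PASSWORD_DEFAULT), draws
// a random salt itself, and password_verify() compares in constant time.
$modern = password_hash('password1', PASSWORD_DEFAULT);
var_dump(password_verify('password1', $modern));  // true
var_dump(password_verify('password2', $modern));  // false: no 8-byte truncation here
```

Run it with `php file.php`. The three properties it exhibits are exactly why the DES scheme is obsolete rather than broken in principle: 25 DES iterations and a 4096-value salt space were sized for 1970s hardware, and the 8-byte key limit discards most of a modern passphrase. bcrypt keeps the same "hash built from a block cipher" idea but with a tunable cost and a 128-bit salt.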