A Popular Password Hashing Algorithm Starts Its Long Goodbye

An anonymous reader quotes a report from Wired: Bcrypt turns 25 this year, and Niels Provos, one of its coinventors, says that looking back, the algorithm has always had good energy, thanks to its open source availability and the technical characteristics that have fueled its longevity. Provos spoke to WIRED about a retrospective on the algorithm that he published this week in Usenix;login:. Like so many digital workhorses, though, there are now more robust and secure alternatives to bcrypt, including the hashing algorithms known as scrypt and Argon2. Provos himself says that the quarter-century milestone is plenty for bcrypt and that he hopes it will lose popularity before celebrating another major birthday.

A version of bcrypt first shipped with the open source operating system OpenBSD 2.1 in June 1997. At the time, the United States still imposed stringent export limits on cryptography. But Provos, who grew up in Germany, worked on its development while he was still living and studying there. 'One thing I found so surprising was how popular it became,' he says. 'I think in part it's probably because it was actually solving a problem that was real, but also because it was open source and not encumbered by any export restrictions. And then everybody ended up doing their own implementations in all these other languages. So these days, if you are faced with wanting to do password hashing, bcrypt is going to be available in every language that you could possibly operate in. But the other thing that I find interesting is that it's even still relevant 25 years later. That is just crazy.'

Provos developed bcrypt with David Mazieres, a systems security professor at Stanford University who was studying at the Massachusetts Institute of Technology when he and Provos collaborated on bcrypt. The two met through the open source community and were working on OpenBSD. Password security is always lagging, though, and both Provos and Mazieres expressed disbelief and disappointment that the state of passwords broadly has not evolved in decades. Even new schemes like passkeys are only just beginning to emerge. 'Bcrypt should have been superseded already,' Provos says. 'It's surprising how much reliance we still have on passwords. If you had asked me 25 years ago, I would not have guessed that.'

Read more of this story at Slashdot.