Projects / crypt_blowfish


crypt_blowfish is an efficient implementation of a modern password hashing algorithm, based on the Blowfish block cipher, provided via the crypt(3) and a reentrant interface. It is compatible with bcrypt as used in OpenBSD. It is adaptable to future processor performance improvements, allowing you to arbitrarily increase the processing cost of checking a password while still maintaining compatibility with your older password hashes. The hashes it produces are several orders of magnitude stronger than traditional Unix DES-based or FreeBSD-style MD5-based hashes.

Operating Systems

Recent releases

  •  17 Jul 2011 13:39

    Release Notes: Support for the "$2y$" prefix (denoting correctly computed hashes) has been added. A countermeasure to avoid one-correct to many-buggy collisions with the "$2a$" prefix has been added (which is desirable when upgrading systems with existing "$2a$" hashes computed using pre-1.1 versions of crypt_blowfish). The "make check" tests and the runtime quick self-test have been improved. A patch for glibc 2.13 and 2.14 has been added. The documentation has been updated.

    •  21 Jun 2011 18:04

      Release Notes: The 8-bit character handling vulnerability (CVE-2011-2483) has been fixed. 8-bit test vectors and a quick self-test on every use of the password hashing function have been added.

      •  24 Feb 2010 12:21

        Release Notes: The check for unsupported iteration counts has been corrected to reject certain iteration counts that would previously be misinterpreted. Section .note.GNU-stack has been added to the x86 assembly file to avoid the stack area unnecessarily being made executable on Linux systems that use this convention.

        •  08 Sep 2009 01:25

          Release Notes: The glibc integration wrapper and patches have been revised for builds by recent versions of gcc.

          •  23 May 2006 08:49

            Release Notes: An optimization specific to x86-64 has been applied.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.