Projects / crypt_blowfish


crypt_blowfish is an efficient implementation of a modern password hashing algorithm, based on the Blowfish block cipher, provided via the crypt(3) and a reentrant interface. It is compatible with bcrypt as used in OpenBSD. It is adaptable to future processor performance improvements, allowing you to arbitrarily increase the processing cost of checking a password while still maintaining compatibility with your older password hashes. The hashes it produces are several orders of magnitude stronger than traditional Unix DES-based or FreeBSD-style MD5-based hashes.

Operating Systems

RSS Recent releases

  •  17 Jul 2011 14:26

Release Notes: Support for the "$2y$" prefix (denoting correctly computed hashes) has been added. A countermeasure to avoid one-correct to many-buggy collisions with the "$2a$" prefix has been added (which is desirable when upgrading systems with existing "$2a$" hashes computed using pre-1.1 versions of crypt_blowfish). The "make check" tests and the runtime quick self-test have been improved. A patch for glibc 2.13 and 2.14 has been added. The documentation has been updated.

  •  21 Jun 2011 21:12

Release Notes: The 8-bit character handling vulnerability (CVE-2011-2483) has been fixed. 8-bit test vectors and a quick self-test on every use of the password hashing function have been added.

  •  24 Feb 2010 12:37

Release Notes: The check for unsupported iteration counts has been corrected to reject certain iteration counts that would previously be misinterpreted. Section .note.GNU-stack has been added to the x86 assembly file to avoid the stack area unnecessarily being made executable on Linux systems that use this convention.

  •  08 Sep 2009 05:13

    Release Notes: The glibc integration wrapper and patches have been revised for builds by recent versions of gcc.

    •  23 May 2006 01:49

    Release Notes: An optimization specific to x86-64 has been applied.


    Project Spotlight

    Barcode Writer in Pure Postscript

    A generator of all major barcode formats entirely within Postscript.


    Project Spotlight

    Packet Peeper

    A network protocol analyzer for Mac OS X.