SHA512 vs. Blowfish and Bcrypt

Posted by Chris on Stack Overflow See other posts from Stack Overflow or by Chris
Published on 2009-10-13T15:56:19Z Indexed on 2010/03/18 18:11 UTC
Read the original article Hit count: 799

Filed under:
|
|
|

I'm looking at hashing algorithms, but couldn't find an answer.

  • Bcrypt uses Blowfish
  • Blowfish is better than MD5
  • Q: but is Blowfish better than SHA512?

Thanks..

Update:

I want to clarify that I understand the difference between hashing and encryption. What prompted me to ask the question this way is this article, where the author refers to bcrypt as "adaptive hashing" http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html

Since bcrypt is based on Blowfish, I was led to think that Blowfish is a hashing algorithm. If it's encryption as answers have pointed out, then seems to me like it shouldn't have a place in this article. What's worse is that he's concluding that bcrypt is the best. What's also confusing me now is that the phpass class (used for password hashing I believe) uses bcrypt (i.e. blowfish, i.e. encryption). Based on this new info you guys are telling me (blowfish is encryption), this class sounds wrong. Am I missing something?

© Stack Overflow or respective owner

Related posts about security

Related posts about hashing