On 8 November 2012 11:03, Jannis Grimm <jan...@gje.ch> wrote:
> Can you point me to your source for that statement? All that I heard is
> that PBKDF2 is strong enough, but bcrypt is better, because PBKDF2 can be
> GPU accelerated.
Was reading http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf - may have gotten slightly the wrong end of the stick, as it's more talking about key generation rather than password hashing.

I don't profess to be a cryptography expert, but I will say that although bcrypt cannot be GPU accelerated, PBKDF2 is significantly better understood / better researched. Bcrypt is technically a "better" algorithm for hashing passwords, as far as our current understanding goes, but there is nothing to say that implementing PBKDF2 with a high iteration count is not secure. It certainly has more documentation and "corporate" backing (PKCS etc.) if you are looking to convince stakeholders.

Could always go with something like scrypt if you think the NSA is out to get you....

Quite a good blog post on the subject - http://www.unlimitednovelty.com/2012/03/dont-use-bcrypt.html

Jonty.

--
If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com
You received this message because you are subscribed to the Google Groups "symfony developers" group.
To post to this group, send email to symfony-devs@googlegroups.com
To unsubscribe from this group, send email to symfony-devs+unsubscr...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
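The "PBKDF2 with a high iteration count" option Jonty describes, as an added example that is not part of the thread or of Symfony's own code: a salted PBKDF2-HMAC-SHA256 password hash whose stored string carries its own iteration count, so the cost can be raised later and old records re-hashed on next login. The storage format and the iteration figures are assumptions for illustration, not values from the thread.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# PBKDF2's cost is linear in the iteration count; this is the knob the thread
# talks about. The figure below is a constructed example, not a recommendation
# from the thread or from NIST SP 800-132 (which only sets a floor of 1000).
DEFAULT_ITERATIONS = 200_000
SALT_BYTES = 16
DK_LEN = 32  # derived-key length in bytes (SHA-256 output size)


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Return a self-describing record: pbkdf2_sha256$<iterations>$<salt>$<dk>.

    Storing the iteration count next to the hash lets the policy be raised
    later without invalidating existing records (hypothetical format).
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt per password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             salt, iterations, DK_LEN)
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(dk).decode("ascii"),
    )


def verify_password(password: str, stored: str) -> bool:
    """Recompute PBKDF2 with the record's own salt and iteration count."""
    algo, iters, salt_b64, dk_b64 = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(dk_b64)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    salt, int(iters), len(expected))
    # Constant-time comparison so the check leaks nothing about the prefix.
    return hmac.compare_digest(candidate, expected)


def needs_rehash(stored: str, minimum_iterations: int = DEFAULT_ITERATIONS) -> bool:
    """True when the record was made with fewer iterations than policy now requires."""
    return int(stored.split("$")[1]) < minimum_iterations
```

On a successful login, call `needs_rehash` and re-store `hash_password(password)` when it returns True, which is how an iteration count gets raised over time without a forced password reset.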