How to increase the salt length of crypt PHP API with CRYPT_SHA512?

Question

<?php

  echo 'SHA-512:' . crypt('rasmuslerdorf', '$6$rounds=5000$usesomesillystringforsalt$');

Output: SHA-512: $6$rounds=5000$usesomesillystri$D4IrlXatmP7rx3P3InaxBeoomnAihCKRVQP22JZ6EY47Wc6BkroIuUUBOov1i.S5KPgErtP/EN5mcO.ChWQW21

It uses only 16 character salt : usesomesillystri

Refs: crypt — One-way string hashing

Question:

• Is it possible to increase the salt length?
• Is there any drawback if we increase the salt length?

Thanks in advance.

Answer 1

Two questions immediately come to mind:

1. Why are you using CRYPT_SHA512 instead of CRYPT_BLOWFISH?
2. Why are you using crypt() instead of password_hash()/password_verify()/password_needs_rehash()?

One of the reasons you should use password_* instead of crypt() is it will generate a unique random salt for you. You really don't want to hand-roll your own salt generator if your goal is to be secure.

Is it possible to increase the salt length?

SHA512Crypt only allows a 16-character salt. Bcrypt uses a 22-character salt (a base64-encoded representation of a 128-bit random string).

Let's quantify this: A 128-bit salt (powered by a CSPRNG) will repeat exactly once (with 50% probability) after 2^64 (1.8446744e+19, or 18,446,744,073,709,551,616) password hashes are generated.

That's about 2.6 billion bcrypt hashes for every living person on planet Earth.

You don't need a longer salt for any appreciable security gain.

Is there any drawback if we increase the salt length?

It will silently truncate and, while you may feel smart for seemingly using a longer salt, it will have no effect on the security.

Further reading: How to safely store your users' passwords in 2016.