Reputation: 63895
How to use BouncyCastle in C# for Blowfish one-way hashing?
I've seen a ton of questions asked about Blowfish and C# and the usual answer is BouncyCastle. However, the project has basically no documentation and I can't find my way around the directory structure to even find unit tests as examples. I mean, is Blowfish known as Asn1, Bcpg, Crypto(in general?), EC, Ocsp, Pkcs, or what? I lack the domain knowledge of knowing what all of the acronyms in the source code means.
Is there any useful articles or blogs or something that has succeeded in using the C# BouncyCastle API for Blowfish? My primary need is to use Blowfish for password hashing.
Upvotes: 10
Views: 3473
Answers (2)
Reputation: 682
Also you should check out: Why does BCrypt.net GenerateSalt(31) return straight away? And the codeplex implementation: bcrypt.codeplex.com
Upvotes: 0
Reputation: 22946
For password hashing I would recommend going with bcrypt which internally uses Blowfish. The advantage of using bcrypt is that you can easily configure how expensive it is in generating your output hash. This is important as the biggest problem with many popular hash algorithms is that they work very quickly and this allows a brute force attack to run through many permutations to find a match. By specifying a large work factor you can make it slow to run (in computer terms but still fast in human terms) and so a brute force attack becomes unfeasable.
There are C# implementations already available.
Upvotes: 5
Related Questions
- How to use BouncyCastle's Diffie-Hellman in C#?
- How to decrypt data using the BouncyCastle Blowfish implementation?
- How to use BouncyCastle for calculating Message Digests?
- Convert .NET detached signature verification to bouncycastle
- BouncyCastle HMAC SHA1
- Calculate the hash of files with Bouncy Castle
- How to create a PBKDF2-SHA256 password hash in C# / Bouncy Castle
- Generate HMAC-SHA256 hash with BouncyCastle
- How to add BouncyCastleProvider in C#?
- Bouncy Castle PBEWITHSHA256AND256BITAES encryption in C#