zeus

Reputation: 13357

Can we generate BCrypt / SCrypt / Argon2 hash password using CNG (Windows Cryptography API)?

Is it possible with CNG (Windows Cryptography API: Next Generation) to generate a BCrypt / SCrypt / Argon2 password hash?

BCrypt is a computationally difficult algorithm designed to store passwords by way of a one-way hashing function. You input your password to the algorithm and after significant (relative) computation, an output is produced. Bcrypt has been around since the late 90s and has handled significant scrutiny by the information security/cryptography community. It has proven reliable and secure over time.

Scrypt is an update to the same model from which Bcrypt arose. Scrypt is designed to rely on high memory requirements as opposed to high requirements on computational power. The realization that led to this was that specialized computer chips (FPGAs/ASICs/GPUs) could be purchased at scale by an attacker more easily than could huge amounts of memory for a traditional computer.

Upvotes: 0

Views: 988

Answers (1)

Ian Boyd

Reputation: 256711

Short Answer

No.

Long Answer

Neither CryptoAPI nor Crypto API Next Generation (CryptNG) supports bcrypt, scrypt, or argon2.

bcrypt is a customized version of the Blowfish encryption algorithm. Blowfish is not supported by CNG. And even if it was, bcrypt uses a version of bcrypt with a custom "expensive" key setup.

scrypt is (nearly) PBKDF2, which is supported by CNG:

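Byte[] scrypt(String password, int DesiredNumberOfBytes, ...)
{
   // The scrypt-specific step; its output is used as the PBKDF2 salt
   Byte[] salt = SpecialScryptSaltGeneration(password, ...);

   // A single PBKDF2 iteration produces the final output
   return PBKDF2(password, salt, DesiredNumberOfBytes, 1);
}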

but the SpecialScryptSaltGeneration uses primitives not included in CNG (ChaCha, Salsa/20).

Argon2 uses custom primitives that don't exist anywhere.

Upvotes: 1
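The structure the answer sketches, written out as an added example (not the answerer's code, and not CNG code): scrypt per RFC 7914 as two single-iteration PBKDF2-HMAC-SHA256 calls wrapped around a Salsa20/8-based mixing step. Python's `hashlib.pbkdf2_hmac` stands in here for the PBKDF2 a Windows program would get from CNG; `salsa20_8`, `block_mix` and `ro_mix` are this example's own names for the part that has to be implemented by hand.

```python
import hashlib
import struct

MASK = 0xFFFFFFFF

def _rotl(x, n):
    return ((x << n) & MASK) | (x >> (32 - n))

def _xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))

def salsa20_8(block):
    """Salsa20/8 core over one 64-byte block (the primitive CNG does not provide)."""
    x = list(struct.unpack("<16I", block))
    start = x[:]
    def qr(a, b, c, d):
        x[b] ^= _rotl((x[a] + x[d]) & MASK, 7)
        x[c] ^= _rotl((x[b] + x[a]) & MASK, 9)
        x[d] ^= _rotl((x[c] + x[b]) & MASK, 13)
        x[a] ^= _rotl((x[d] + x[c]) & MASK, 18)
    for _ in range(4):  # 4 double rounds = 8 rounds
        qr(0, 4, 8, 12); qr(5, 9, 13, 1); qr(10, 14, 2, 6); qr(15, 3, 7, 11)  # columns
        qr(0, 1, 2, 3); qr(5, 6, 7, 4); qr(10, 11, 8, 9); qr(15, 12, 13, 14)  # rows
    return struct.pack("<16I", *((a + b) & MASK for a, b in zip(x, start)))

def block_mix(b):
    """scryptBlockMix: chain Salsa20/8 over the 2r blocks, then even/odd shuffle."""
    x, out = b[-64:], []
    for i in range(0, len(b), 64):
        x = salsa20_8(_xor(x, b[i:i + 64]))
        out.append(x)
    return b"".join(out[0::2] + out[1::2])

def ro_mix(b, n):
    """scryptROMix: fill n blocks of memory, then revisit them in data-dependent order."""
    v, x = [], b
    for _ in range(n):
        v.append(x)
        x = block_mix(x)
    for _ in range(n):
        j = int.from_bytes(x[-64:-56], "little") % n  # Integerify
        x = block_mix(_xor(x, v[j]))
    return x

def scrypt(password, salt, n, r, p, dklen):
    # First PBKDF2 call: ONE iteration, expands the password into p blocks of 128*r bytes.
    b = hashlib.pbkdf2_hmac("sha256", password, salt, 1, p * 128 * r)
    # Memory-hard mixing: this output is the "special salt" of the answer's sketch.
    mixed = b"".join(ro_mix(b[i:i + 128 * r], n) for i in range(0, len(b), 128 * r))
    # Second PBKDF2 call: ONE iteration again, with the mixed data as the salt.
    return hashlib.pbkdf2_hmac("sha256", password, mixed, 1, dklen)
```

All of scrypt's cost comes from `ro_mix`; both PBKDF2 calls run a single iteration, so an existing PBKDF2 API covers only the cheap outer layers.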
