What is the output length of PHP crypt()?

MTVS · Nov 4, 2012 · Viewed 13.1k times

what's the output length of PHP crypt()?

md5() output is 128 bits and produces a string with 32 chars, so in a database you put that in a char(32) column; what about crypt()?

Answer

hakre · Nov 4, 2012

Note: It is totally limited to ask the question that way, see http://php.net/crypt

Some more details:

  • On success the length of the returned string can vary between 13 and 123.
  • The output length depends on the hash algorithm used. It remains undefined in your question.
  • The output length depends on the salt passed to the function. It remains undefined in your question.
  • crypt always returns the hashed string or a string that is shorter than 13 characters and is guaranteed to differ from the salt on failure.

Examples:

Let's start lightly with a simple crypt call and a valid two-character salt for a standard DES-based hash:

 13 :: 2 (salt) + 11 (hash - 64 bits, base 64)

If you use PHP's crypt and specifically MD5 (here better named: md5crypt, MD5(Unix), FreeBSD MD5, Cisco-IOS MD5; Hashcat mode 500) and an empty salt, the output length is:

 26 :: 3 (`$1$`) + 0 (empty salt) + 1 (`$`) + 22 (hash - 128 bits, base 64)

If on a system where PHP's crypt defaults to the said MD5 and it is called not specifying a salt, crypt will generate the salt. This salt is normally 8 characters long. The output length then is:

 34 :: 3 (`$1$`) + 8 (salt) + 1 (`$`) + 22 (hash)

In this case, your database table column char(32) would either report an error on insert or truncate - depending on which database server you are using.

But the MD5 example is moot, I picked it because you have it in your question, but you should not use MD5 with crypt (see: Md5crypt Password scrambler is no longer considered safe by author).

Instead, let's take a look at Blowfish hashing (CRYPT_BLOWFISH). It has a two-digit cost parameter and always a salt length of 22 (if a shorter salt is given, it is padded with $s):

 60 :: 4 (`$2y$`) + 3 (cost `$`) + 22 (salt) + 1 (`$`) + 53 (hash)

For the Blowfish crypt hash-algorithm (bcrypt, OpenBSD Blowfish; Hashcat mode 3200) there is a fixed length of 60 then.

As you can see the output length depends on the used hash-algorithm, the length of the salt and even some hash specific parameters like the cost.

If you, for example, opt for SHA512 with 999 999 999 rounds and a 16 byte long salt, the output length is:

123 :: 3 (`$6$`) + 17 (`rounds=999999999$`) + 16 (salt) + 1 (`$`) + 86 (hash)

This example is a little bit extreme maybe, just to show the picture.
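As an added example (not part of the question or the answer above), the length arithmetic from the answer turned into code so a column width can be chosen from the scheme, salt length and rounds, and an existing stored string can be checked against that width. It is written in Python rather than PHP so it runs without a PHP interpreter; the sample strings are constructed filler of the right shape (salt and digest characters are placeholders, not real crypt() output), and the function names `b64_chars`, `expected_length`, `identify` and `fits_column` are my own.

```python
"""Sizing a database column for crypt()-style hash strings.

Added example: reproduces the length formulas from the answer above and
parses Modular-Crypt-Format strings to check they fit a column width.
"""
import math
import re
from typing import Optional


def b64_chars(bits: int) -> int:
    """Characters needed to encode `bits` in crypt's 6-bit-per-char alphabet."""
    return math.ceil(bits / 6)


def expected_length(scheme: str, salt_len: int = 0,
                    rounds: Optional[int] = None) -> int:
    """Total length of a crypt() string for the given parameters.

    scheme: 'des', 'md5', 'bcrypt', 'sha256' or 'sha512'.
    salt_len: salt characters (ignored for bcrypt, whose salt is always 22).
    rounds: explicit rounds for sha256/sha512, which adds a 'rounds=N$' field.
    """
    if scheme == "des":
        return 2 + b64_chars(64)                    # 2 salt + 11 digest = 13
    if scheme == "md5":
        return 3 + salt_len + 1 + b64_chars(128)    # $1$ + salt + $ + 22
    if scheme == "bcrypt":
        return 4 + 3 + 22 + 31                      # $2y$ + NN$ + salt + digest = 60
    if scheme in ("sha256", "sha512"):
        bits = 256 if scheme == "sha256" else 512
        rounds_field = len(f"rounds={rounds}$") if rounds is not None else 0
        return 3 + rounds_field + salt_len + 1 + b64_chars(bits)
    raise ValueError(f"unknown scheme {scheme!r}")


# Structural patterns for the common schemes; [./A-Za-z0-9] is crypt's alphabet.
_PATTERNS = {
    "bcrypt": re.compile(r"^\$2[abxy]\$\d{2}\$[./A-Za-z0-9]{22}[./A-Za-z0-9]{31}$"),
    "md5":    re.compile(r"^\$1\$[./A-Za-z0-9]{0,8}\$[./A-Za-z0-9]{22}$"),
    "sha256": re.compile(r"^\$5\$(?:rounds=\d+\$)?[./A-Za-z0-9]{0,16}\$[./A-Za-z0-9]{43}$"),
    "sha512": re.compile(r"^\$6\$(?:rounds=\d+\$)?[./A-Za-z0-9]{0,16}\$[./A-Za-z0-9]{86}$"),
    "des":    re.compile(r"^[./A-Za-z0-9]{13}$"),
}


def identify(hash_str: str) -> Optional[str]:
    """Return the scheme a stored string structurally matches, or None."""
    for name, pattern in _PATTERNS.items():
        if pattern.match(hash_str):
            return name
    return None


def fits_column(hash_str: str, width: int) -> bool:
    """True if the string is a recognised crypt() format and fits `width`."""
    return identify(hash_str) is not None and len(hash_str) <= width


# Constructed samples: 's' stands in for salt characters, 'h' for digest characters.
SAMPLES = {
    "des":    "ab" + "h" * 11,
    "md5":    "$1$" + "s" * 8 + "$" + "h" * 22,
    "bcrypt": "$2y$10$" + "s" * 22 + "h" * 31,
    "sha512": "$6$rounds=999999999$" + "s" * 16 + "$" + "h" * 86,
}


def required_width(schemes=("des", "md5", "bcrypt", "sha512")) -> int:
    """Widest output among the schemes you intend to store (worst-case parameters)."""
    worst = {
        "des":    expected_length("des"),
        "md5":    expected_length("md5", salt_len=8),
        "bcrypt": expected_length("bcrypt"),
        "sha256": expected_length("sha256", salt_len=16, rounds=999999999),
        "sha512": expected_length("sha512", salt_len=16, rounds=999999999),
    }
    return max(worst[s] for s in schemes)


if __name__ == "__main__":
    for name, sample in SAMPLES.items():
        print(f"{name:7s} len={len(sample):3d} identified={identify(sample)} "
              f"fits char(32)={fits_column(sample, 32)}")
    print("column width covering all schemes:", required_width())
```

Running the module prints one line per sample; only the 13-character DES string fits a char(32) column, which is the point of the answer: size the column for the widest scheme you will ever store (123 here), not for md5()'s 32 hex characters.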

