Is Bcrypt used for Hashing or Encryption? A bit of confusion

ThinkingMonkey picture ThinkingMonkey · Jan 27, 2012 · Viewed 16.6k times · Source

I have been reading about bcrypt (application perspective). Thinking of using it to store passwords on my site.

Out of some stuff that I read it suggests either ways:

  • e.g. 1: Bcrypt is a cross platform file encryption utility from bcrypt
  • e.g. 2: bcrypt is an adaptive password hashing algorithm which uses the Blowfish keying schedule, not a symmetric encryption algorithm. from How To Safely Store A Password
  • bcrypt is an adaptive cryptographic hash function for passwords designed by Niels Provos and David Mazières, based on the Blowfish cipher: from bcrypt wiki

What exactly is Bcrypt?

Answer

PaulG picture PaulG · Jan 27, 2012

It is both :)

Most of the time when people mention BCrypt, they are talking about the adaptive hash algorithm, but it is also the name of an unrelated file encryption utility.

Both are based on the Blowfish cipher.