published under license Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)copy! share!
posted in category Copied Stuff / Tech
posted at 24. Jun '23
A List of Crypt Algorithms
I’m copying it here from Wikipedia - https://en.wikipedia.org/wiki/Crypt_(C), because it is almost impossible to find right away (not with lazy keywords like “md5 bcrypt yescrypt 2a shadow”). Man pages like https://man7.org/linux/man-pages/man3/crypt.3.html froze in time and the latest hash function is…SHA-512.
| Scheme id | Schema | Example |
|---|---|---|
| DES | Kyq4bCxAXJkbg | |
| _ | BSDi | _EQ0.jzhSVeUyoSqLupI |
| 1 | MD5 | $1$etNnh7FA$OlM7eljE/B7F1J4XYNnk81 |
| 2, 2a, 2b, 2x, 2y | bcrypt | $2a$10$VIhIOofSMqgdGlL4wzE//e.77dAQGqntF/1dT7bqCrVtquInWy2qi |
| 3 | NTHASH | $3$$8846f7eaee8fb117ad06bdd830b7586c |
| 5 | SHA-256 | $5$9ks3nNEqv31FX.F$gdEoLFsCRsn/WRN3wxUnzfeZLoooVlzeF4WjLomTRFD |
| 6 | SHA-512 | $6$qoE2letU$wWPRl.PVczjzeMVgjiA8LLy2nOyZbf7Amj3qLIL978o18gbMySdKZ7uepq9tmMQXxyTIrS12Pln.2Q/6Xscao0 |
| 7 | scrypt | $7$DU…./….2Q9obwLhin8qvQl6sisAO/$sHayJj/JBdcuD4lJ1AxiwCo9e5XSi8TcINcmyID12i8 |
| 8 (Cisco) | PBKDF2 with SHA256 | $8$mTj4RZG8N9ZDOk$elY/asfm8kD3iDmkBe3hD2r4xcA/0oWS5V3os.O91u. |
| 8 (JunOS) | PBKDF2 | $8$crypt-algo$hash-algo$iterations$salt$iv$tag$encrypted $8$aes256-gcm$hmac-sha2-256$100$y/4YMC4YDLU$fzYDI4jjN6YCyQsYLsaf8A$Ilu4jLcZarD9YnyD /Hejww$okhBlc0cGakSqYxKww |
| gy | gost-yescrypt | $gy$jCT$HM87v.7RwpQLba8fDjNSk1$VgqS7k2OZWhFbAJVBye2vaA7ex/1VtU3a5fmL8Wv/26 |
| md5 | Solaris MD5 | $md5,rounds=5000$GUBv0xjJ$$mSwgIswdjlTY0YxV7HBVm0 |
| sha1 | PBKDF1 with SHA-1 | $sha1$40000$jtNX3nZ2$hBNaIXkt4wBI2o5rsi8KejSjNqIq |
| y | yescrypt | $y$j9T$F5Jx5fExrKuPp53xLKQ..1$X3DX6M94c7o.9agCG9G317fhZg9SqC.5i5rd.RhAtQ7 |
Blowfish (bcrypt) variants:
$2$– Obsolete.$2a$– The current key used to identify this scheme. Since a major security flaw was discovered in 2011 in a non-OpenBSD crypt_blowfish implementation of the algorithm,[16] hashes indicated by this string are now ambiguous and might have been generated by the flawed implementation, or a subsequent fixed, implementation. The flaw may be triggered by some password strings containing non-ASCII (8th-bit-set) characters.$2b$– Used by recent OpenBSD implementations to include a mitigation to a wraparound problem.[17] Previous versions of the algorithm have a problem with long passwords. By design, long passwords are truncated at 72 characters, but there is a byte integer wraparound problem with certain password lengths resulting in weak hashes.[18]$2x$– A flag added after the crypt_blowfish bug discovery. Old hashes can be renamed to be $2x$ to indicate that they were generated with the broken algorithm. These hashes are still weak, but at least it’s clear which algorithm was used to generate them.$2y$– A flag in crypt_blowfish to unambiguously use the new, corrected algorithm. On an older implementation suffering from the bug, $2y$ simply won’t work. On a newer, fixed implementation, it will produce the same result as using $2b$
Argon2, yescrypt:
$y$- yescrypt is an extension of scrypt ($7$) and a PHC finalist. It is used in several Linux distributions as an alternative to the existing schemes. To use this hash, the libcrypt from glibc is replaced with a backward-compatible one from the “libxcrypt” project.$argon2d$,$argon2i$,$argon2ds$- These are PHC-assigned names for the Argon2 algorithm, but do not seem to be widely used.
Source: https://en.wikipedia.org/wiki/Crypt_(C). Contains also other very useful stuff.
Add Comment