1 These are all general purpose hash functions, designed to calculate a digest of huge amounts of data in as short a time as possible.
2 So I’m not saying salts are without purpose, I’m saying that they don’t prevent dictionary or brute force attacks (which they don’t).
3 It uses a variant of the Blowfish encryption algorithm’s keying schedule, and introduces a work factor , which allows you to determine how expensive..
트위터 반응

@summerlight00: http://t.co/LaAh79MX 패스워드를 저장하는 용도로 개발된 알고리즘인데... "빠른 계산"을 목표로 한 일반 해싱 함수는 brute-force로 깨기도 쉬운데, 역발상으로 느린 해싱 함수를 통해 깨기 어렵게 만들었다고