
Bcrypt Generator


Generate a Bcrypt Hash


Bcrypt has been the dominant password hashing scheme in US web development since Provos and Mazières introduced it in 1999. NIST SP 800-63B recommends memory-hard hashing for password storage, and OWASP lists bcrypt as a preferred choice alongside Argon2id. Rails ships bcrypt through has_secure_password, Django supports it as a pluggable backend, and Node.js developers use bcryptjs. The cost factor controls how long a single hash takes: raising the cost by one doubles the work. Most applications settle on cost 10 (1,024 rounds) as a baseline, while financial or administrative systems often go to 12 (4,096 rounds). This tool runs entirely in your browser using JavaScript, so your passwords never leave your device.

What is bcrypt?

Bcrypt is a password hashing function designed by Niels Provos and David Mazières, built on the Blowfish cipher. Unlike fast digests such as MD5 or SHA-256, bcrypt is deliberately slow and computationally expensive, which makes brute-force attacks against stolen password hashes impractical. Bcrypt automatically generates a random salt for every password, so identical passwords produce different hashes.

How does bcrypt work?

The bcrypt algorithm runs entirely in your browser. Here is what happens, step by step:

  1. Your password is encoded as UTF-8 bytes and fed into bcrypt's key schedule, which initializes the 4,184-byte P-array and the S-boxes of the Blowfish cipher using the password and the salt.
  2. A random 128-bit salt is generated. The salt is mixed into the key schedule so that each unique salt produces a completely different hash, even for the same password.
  3. The key schedule is run for 2^cost rounds (for example, 2^10 = 1,024 iterations at cost 10). Each iteration re-encrypts the salt data and the P-array, so the computation gets slower as the cost increases.
  4. The final result is a 60-character string in the format $2b$<cost>$<salt><hash>, where the cost is zero-padded (for example, 10), the salt is 22 Base64 characters, and the hash is 31 Base64 characters.
  5. To verify a password, the same algorithm is run again with the candidate password and the salt extracted from the stored hash. If the resulting hash matches the stored one, the password is correct.

Which cost factor should I use?

The cost factor is the logarithm of the number of iterations: cost 10 means 2^10 = 1,024 rounds, and cost 12 means 4,096 rounds. Choose it according to your security requirements and your hardware:

  • Cost 4-6 (16-64 rounds): development and testing only. Far too fast for production use; offers little protection.
  • Cost 8 (256 rounds): the minimum for non-critical applications. About 6 ms on modern hardware.
  • Cost 10 (1,024 rounds): the current recommended baseline. Takes about 25 ms. Suitable for most web applications.
  • Cost 12 (4,096 rounds): recommended for administrative portals, financial systems, and other high-security applications. Takes about 100 ms.
  • Cost 14 (16,384 rounds): very high security. Takes about 400 ms. Use it for privileged account passwords, encryption keys, or wherever a slow login is acceptable.

Why use this bcrypt generator?

  • Your privacy is protected: every password is hashed in your browser, and no data leaves your device.
  • You get both directions in one place: generate new hashes or verify existing ones without switching pages.
  • The cost factor is adjustable from 4 (fast) to 15 (very slow), so you can match your application's security requirements.
  • Hashes use the standard $2b$ format, which works with every major language and platform.

What are the common uses of bcrypt?

Bcrypt is widely used across the industry for storing and verifying passwords:

  • Web application authentication: store users' password hashes in the database so that plaintext passwords are never stored.
  • API key hashing: hash API secrets before storing them, so a database breach does not expose valid credentials.
  • Migration checks: confirm that legacy password hashes from an old system still authenticate users after the authentication layer has been upgraded.

What does a bcrypt hash look like?

Hashing the password hunter2 with cost factor 10 produces a string like $2b$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy. The format breaks down as: $2b$ (algorithm version), 10 (cost factor), $, then 22 salt characters and 31 hash characters, all Base64 encoded. Every run with the same password produces a different hash because of the random salt.
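As an added example (not code from the original page or from bcryptjs), the JavaScript below parses the $2b$<cost>$<salt><hash> format described above, derives the round count from the cost, flags stored hashes whose cost falls below a minimum (the check behind the migration use case earlier on the page), and projects hash latency across cost factors from one measurement using the doubling rule. The function names are assumptions; the 25 ms data point for cost 10 is taken from the table above.

```javascript
// Added example, not from the original page or any bcrypt library: parse the
// $2b$<cost>$<salt><hash> format and reason about the cost it carries.

// bcrypt uses its own Base64 alphabet (./A-Za-z0-9), not the RFC 4648 one.
const BCRYPT_RE = /^\$(2[abxy])\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$/;

// Split a 60-character bcrypt string into its fields. Returns null when the
// input does not match the format, so callers reject malformed hashes.
function parseBcryptHash(str) {
  const m = BCRYPT_RE.exec(str);
  if (m === null) return null;
  const cost = Number(m[2]);
  // The cost is log2 of the round count; implementations accept 4..31.
  if (cost < 4 || cost > 31) return null;
  return { version: m[1], cost, rounds: 2 ** cost, salt: m[3], hash: m[4] };
}

// True when a stored hash was made with a weaker cost than policy now
// requires (or is unparseable), so it should be recomputed at the user's
// next successful login, after the old hash has verified the password.
function needsRehash(storedHash, minCost) {
  const parsed = parseBcryptHash(storedHash);
  return parsed === null || parsed.cost < minCost;
}

// Project hash time at a target cost from one measured point, using the
// rule that each cost increment doubles the work (2^cost rounds).
function estimateMs(measuredCost, measuredMs, targetCost) {
  return measuredMs * 2 ** (targetCost - measuredCost);
}

// Highest cost whose projected time stays within a latency budget.
function chooseCost(measuredCost, measuredMs, budgetMs) {
  let best = 4;
  for (let c = 4; c <= 31; c++) {
    if (estimateMs(measuredCost, measuredMs, c) <= budgetMs) best = c;
  }
  return best;
}

// Sample taken from the page's own example: "hunter2" hashed at cost 10.
const SAMPLE = "$2b$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy";
console.log(parseBcryptHash(SAMPLE));
console.log(needsRehash(SAMPLE, 12), chooseCost(10, 25, 100));
```

With the table's 25 ms at cost 10, chooseCost(10, 25, 100) lands on 12, matching the page's 100 ms entry.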

This bcrypt generator runs entirely in your browser using pure JavaScript. Hash passwords before storing them, verify existing hashes, and tune the cost factor to fit your security requirements, all without sending a single byte to a server.