Hacker News
by dataflow 496 days ago
> Bcrypt is a password hash, not a KDF

I feel gross calling a function that just blatantly ignores part of its input a hash, much less a password hash. It's like calling a rock a fish, because they're both in water, despite the lack of swimming. In any case, a hash that ignores some of its input is certainly not a cryptographically secure hash, so why is it being used for crypto?