Hi,
I need some pointers on how to approach a current task. Create hashes of passwords that are stored in a database. So after reading up on the subject I see that I should go for either PBKDF2 or BCrypt. And I have some question about these:
PBKDF:
The only supported solution is using HMAC SHA1 which does seems kinda old school. I could write my own that accepts SHA512 for example but I would rather find something proven. Does it exist? Second, what is the iteration recommendation in 2016 - 256000?
I can see that there is a version 3 of Microsofts "PasswordHasher" (Microsoft.AspNetCore.Cryptography.KeyDerivation) which supports SHA512 and higher iterations. But looking at the implementation is seems that they use BCrypt behind (Win8Pbkdf2Provider). I guess that means this solution isn't "supported" by NIST?
BCrypt:
Still not supported by NIST - and we would expect customers in US to require this I guess. However I'm also reluctant to use BCrypt because I need something that is backed by a large company - all I can find are some old implementations that 1 guy updates (if
ever). What are the iteration (workfactor) recommendation in 2016 - 12?
An alternative approach would be to just go with standard Rfc2898DeriveBytes using HMAC SHA1 and then using AES to encrypt the database values - storing the crypto key on disk.
What do you guys recommend? What do you do when looking into securing enterprise level software?
/Werner