david wong

Hey! I'm David, a security consultant at Cryptography Services, the crypto team of NCC Group . This is my blog about cryptography and security and other related topics that I find interesting.

How facebook hash its passwords

posted January 2015

$cur  = 'plaintext'
$cur  = md5($cur)
$salt = randbytes(20)
$cur  = hmac_sha1($cur, $salt)
$cur  = cryptoservice::hmac($cur)
        [= hmac_sha256($cur, $secret)]
$cur  = scrypt($cur, $salt)
$cur  = hmac_sha256($cur, $salt)

the explanation is here

tl;dr: the md5 is here for legacy purpose, cryptoservice::hmac is to add a secret salt, scrypt (which is a kdf not a hash) is for slowing brute force attempts and the sha256 is here for shortening the output.

Well done! You've reached the end of my post. Now you can leave me a comment :)