PBKDF2 vs bcrypt vs SCrypt
From Hash Iterations to RAM Requirements
PBKDF2 secures passwords by looping a simple hash (like SHA-256) millions of times, so that every guess costs the attacker CPU time. Bcrypt advanced this by making the computation resistant to simple GPU parallelization: its salted key setup keeps rewriting a 4 KB state, so each guess needs its own block of fast memory.
SCrypt introduced 'memory-hardness': computing the hash demands a large amount of RAM. This laid the groundwork for today's state-of-the-art Argon2 design.
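The difference between an iteration cost and a memory cost shows up directly in the parameters each function takes. The sketch below is an added example, not code from this page or from giovium; it uses only Python's standard library, which provides PBKDF2 and scrypt but not bcrypt or Argon2. The function names, the `scheme$params$salt$hash` record format and the cost values are assumptions chosen for illustration.

```python
import base64
import hashlib
import hmac
import os

# Constructed cost settings for illustration; tune them to your own hardware.
PBKDF2_ITERATIONS = 600_000
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def scrypt_memory_bytes(n: int, r: int) -> int:
    """RAM needed by scrypt's main buffer: 128 * N * r bytes."""
    return 128 * n * r


def _derive(scheme: str, password: str, salt: bytes, params: list) -> bytes:
    pw = password.encode("utf-8")
    if scheme == "pbkdf2-sha256":
        (iterations,) = params
        # Cost is CPU only: the same HMAC repeated `iterations` times.
        return hashlib.pbkdf2_hmac("sha256", pw, salt, iterations, dklen=32)
    if scheme == "scrypt":
        n, r, p = params
        # Cost is CPU and RAM: every guess must hold about 128*N*r bytes.
        limit = 2 * scrypt_memory_bytes(n, r) + 1024 * 1024
        return hashlib.scrypt(pw, salt=salt, n=n, r=r, p=p, maxmem=limit, dklen=32)
    raise ValueError(f"unknown scheme: {scheme}")


def hash_password(password: str, scheme: str = "scrypt") -> str:
    """Return 'scheme$params$salt$hash' so the cost settings travel with the hash."""
    params = [PBKDF2_ITERATIONS] if scheme == "pbkdf2-sha256" else [SCRYPT_N, SCRYPT_R, SCRYPT_P]
    salt = os.urandom(16)  # fresh random salt for every stored password
    digest = _derive(scheme, password, salt, params)
    fields = [scheme, ",".join(map(str, params)),
              base64.b64encode(salt).decode(), base64.b64encode(digest).decode()]
    return "$".join(fields)


def verify_password(password: str, record: str) -> bool:
    """Re-derive with the stored salt and cost settings, then compare."""
    scheme, params, salt_b64, digest_b64 = record.split("$")
    expected = base64.b64decode(digest_b64)
    actual = _derive(scheme, password, base64.b64decode(salt_b64),
                     [int(x) for x in params.split(",")])
    return hmac.compare_digest(actual, expected)  # constant-time comparison
```

With these settings each scrypt guess needs about 16 MiB of RAM, while a PBKDF2 guess needs almost none however high the iteration count is set.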
The Shift to Argon2
While bcrypt held off early ASICs by making random accesses to a 4 KB block of RAM, modern GPUs have massive, highly efficient pipelines that handle 4 KB lookups with ease. Argon2 counters modern GPUs by requiring far more memory, up to gigabytes of RAM, for each hash.
Everyday Example
PBKDF2 makes attackers run on a treadmill for an hour to guess a single password. Bcrypt puts the treadmill on a steep incline. Argon2 makes them run on the treadmill while solving a Rubik's cube and juggling chainsaws. It forces modern password-cracking hardware to slow to a crawl.
The Deep Mathematics
The Eksblowfish algorithm that powers bcrypt relies on a mutating state array: it modifies 4 KB of data continuously and in an effectively random order, which induces heavy L1 cache miss penalties on GPU architectures. Argon2id goes further by scaling its memory-access pattern, a directed acyclic graph of memory blocks, up to gigabytes of RAM, so that an ASIC is throttled by its memory bus rather than by its compute units.