How is Blowfish not reversible when it contains the salt in the hash?

Question

I'm learning PHP and I've come to the password hashing section of a course I'm following, but it's not explained well enough for my liking.

It seems that when using the crypt function, and using the CRYPT_BLOWFISH hash type, I get a resultant hash that contains the salt itself.

For example with the following code:

$salt = '$2y$10$iusesomecrazystrings22';
$password = crypt($password, $salt);

And using the password "123" I get a resultant \$password of $2y$10$iusesomecrazystrings2ui1qr860E30b0c9ijNqwCSwHnHdgz.1K once hashed. My question is how is this hash not reversible, if a hacker were to obtain it, given that the salt is in the hash itself?

I know that hashes use a many-to-one input-to-output mapping, so it may be difficult to reverse the hash to the exact password used, but surely it could be reversed to one of its many collisions, so to speak. However, I know that I must be wrong but can't explain why.

Does this answer your question? Why can't I reverse a hash to a possible input? also collision resistance is not related to password hashing first- and second-preimages are related. — kelalaka, Nov 04 '23 at 19:58
@kelalaka - The first post seems to help a bit, especially Thomas' answer. I'm still confused as to how a computer couldn't reverse-engineer a hash into a possible input that could work as a password. — cameron6, Nov 04 '23 at 22:24
@cameron6: an infinitely powerful computer could indeed find a possible input that could work as a password. But for this, if the hash is $b$-bit, and well-designed, and the actual password is un-guessable, then the best method we have is to try about $2^b$ inputs. And for large $b$ (at least 90, give or take 10) that's beyond current human capabilities. — fgrieu, Nov 05 '23 at 10:43

How is Blowfish not reversible when it contains the salt in the hash?

0 Answers0