bcrypt icon indicating copy to clipboard operation
bcrypt copied to clipboard

Published 20 hours ago verified publisher icon pyca

Emphasise difference between round and work factor

Open FWDekker opened this issue 2 years ago • 2 comments

I think it's confusing that the API uses rounds to describe the work factor of bcrypt; the two are similar but not quite the same, since rounds = 2^(work factor). I think it's important with cryptography that terminology is used unambiguously to prevent implementation mistakes. Would you consider changing the name of this parameter to work_factor, perhaps at some point in the future when you plan a new major release?

FWDekker avatar Sep 13 '22 20:09 FWDekker

We wouldn't be opposed to changing it (although we can bikeshed about cost vs work factor). We'll probably make the next release 5.0.x anyway so if you want to put in a PR and a changelog entry noting that this will be a breaking change for kwarg users that's fine.

reaperhulk avatar Sep 14 '22 14:09 reaperhulk

although we can bikeshed about cost vs work factor

Exactly. The change isn't that important, so including it subtly in an upcoming major release would be very suitable. I'll see if I can whip up a PR this weekend.

FWDekker avatar Sep 16 '22 16:09 FWDekker

Given that bcrypt is pretty much outdated, I no longer think resolving this issue is worth the effort.

FWDekker avatar Mar 08 '24 12:03 FWDekker