search

kmaragon / Konscious.Security.Cryptography

MIT License
202 stars 20 forks source link

Getting different argon2di results on different PCs #34

Closed dxk3355 closed 4 years ago

dxk3355 commented 4 years ago

I have three computers I've run a test program on to figure out a bug. Machine A from 2008 and has Windows 10 32 bit Machine B from 2016 and has Windows 7 64 bit Machine C from 2012 and has Windows 10 64 bit

All the machines are running the same program which was written in C# and .NET Core 3.1.1 and I redid it in .NET 4.7.2 with the same results

using System;
using System.Threading;

namespace TestArgon
{
    class Program
    {
        static void Main(string[] args)
        {
            byte[] salt = new byte[128];
            for(int i = 0; i<128; i++)
            {
                salt[i] = 0;
            }

            while (true)
            {
                Console.WriteLine(Argon2di("PASSWORD", salt, 128));
                Thread.Sleep(5000);
            }
        }

        public static string Argon2di(string userPassword, byte[] salt, int bytesize = 128, int iterations = 80, int memory = 8192)
        {

            Konscious.Security.Cryptography.Argon2id argon2Id = new Konscious.Security.Cryptography.Argon2id(System.Text.Encoding.Unicode.GetBytes(userPassword));
            argon2Id.Salt = salt;
            argon2Id.MemorySize = memory;
            argon2Id.Iterations = iterations;
            argon2Id.DegreeOfParallelism = Environment.ProcessorCount;
            byte[] hash = argon2Id.GetBytes(bytesize);
            return Convert.ToBase64String(hash);
        }
    }
}

Machine B and C generate the same results. Machine A is generating a different output. In theory since the hash is the same the results should match unless I'm missing something with how Argon2 works.

Machine A generates NlDLX7OXO76bYJxrTBNmS0oca1sQCsR8Cy9nAyLgINZZJrIYyC+5+2e8D8MJUKgHC5+KXWuQGWMqX8sM27cr1CJgHbOpjWHUTsemvpDqS/6J7Rmx54/vEphRm498/NePw9+ed98WFP34AEJFU+rCvx9bk/0/fmnScZSVmMw8ej0=

B and C generate fMW4Hrpuy9aEt5E6PkoNfuWOcpDE9J/Sr+M9XcgbfZA9h1uhsXDHFOoVMkkQJ2eW94u23ugwLiySy9l9ie830y0ZUYF92QXArMstdbp73LVCYhlZzHXfh6DtqrTJqwei9gE66ObdQmg5AElD9gXfg/rWrARqM1jLSTpEkjXjEdk=

SparkDustJoe commented 4 years ago

Your processor count is what's tripping you up. Parallelism isn't simply a way to speed up processing, it affects the outcome of the calculation as lanes overwrite each other. If you set that to a constant, all 3 machines should produce the same outcome.

dxk3355 commented 4 years ago

That was it. Thank you very much.