The reasons why eksblowfish is several orders of magnitude harder
to bruteforce that other algos (like SHA, or N interations of hash-x) have little to do with iterations.
Let me quote something for you:
Provos and Mazières took advantage of this, and actually took it further. They developed a new key setup algorithm for Blowfish, dubbing the resulting cipher "Eksblowfish" ("expensive key schedule Blowfish"). The key setup begins with a modified form of the standard Blowfish key setup, in which both the salt and password are used to set all subkeys. Then there are a number of rounds in which the standard Blowfish keying algorithm is applied, using alternately the salt and the password as the key, each round starting with the subkey state from the previous round. This is not cryptographically significantly stronger than the standard Blowfish key schedule, but the number of rekeying rounds is configurable; the hashing process can therefore be made arbitrarily slow, which helps deter brute-force attacks upon the hash or salt.
As you are an insolent fool, which doesn't understand a thing about hashing algorithms and you failed to explain how bcrypt actually works, let me explain you in my own words
what this description means.
Roughly the eksblowfish is all about creating multiple keys, of which each is mixed with salt, and then each of the keys is applied in each of multiple rounds of the algorithm. Each next (n+1) round begins in mixing the key with salt and applying it to the previous (n) round through encryption. In other words, bcrypt() is simply a recurrent hashing algorithm, where each consecutive round of hashing begins with adding the salt to the result of previous round
. Exactly as the algorithm which I have written.
The references explain why eksblowfish is so good at being slow. But go ahead... keep "daring" me to explain (the references that I posted in this thread do an ample job, for those who are interested). I will admit that your taunts amuse me, however.
You are still a fool, and you have explained nothing. What you have done is a copypasta work from other sites. You haven't actually described in your own words how the algorithms work.
1. Learn to read first, before you start talking to me. I have never ever in any post said anything about any "cascade effect".
2. STOP MANIPULATING!
. STOP making offtopic so it makes you look smarter than you actually are
. You are weak, and you are using cheap tricks of the weak. This will not work with me.
It's not my job to hand-feed you.
It is your job to provide valid logical arguments since you started this stupid discussion. You have failed to do so.
Bcrypt is the best tool to protect password databases against offline attacks.
Actually, i personally think about incorporating bcrypt() into my algo for greater performance, but i will be continuing this discussion just to prove how stupid, impudent and manipulative you are.