15

I'm looking for a reference about the weird initial BCrypt text "OrpheanBeholderScryDoubt"

  • Why was this string used?
  • Would using 192 zeros or ones not have worked well in practice for some reason?
  • Was that just four random dictionary words (orphean, beholder, scry, doubt), or is there some special meaning to the bcrypt authors, maybe some kind of cryptography joke that flew over my head?

The Google results have so many hits where the magic string is mentioned, in pseudocode or description of the implementation, that I am unable to find relevant historical explanations (if any exist).

2 Answers

22
+50

OrpheanBeholderScryDoubt

This isn't authoritative, since I couldn't find a reference, but I found the commit where the string was introduced dated 1997/02/16.

The earlier version used the string OpenBSDbcrypthashfunc, since it was designed to be used with OpenBSD (it is the default on OpenBSD). The new string keeps the same initials OpenBSD (OrpheanBeholderScryDoubt) as a nod to its origins.

So all things point to it just being an arbitrary 24 character string with a nod to OpenBSD.

4

To discuss this more generally:

Why was this string used?

This type of string is a nothing-up-my-sleeve number (in reference to a magician about to show a trick). They are generally chosen to avoid suspicion that it is a carefully crafted backdoor.

Would using 192 zeros or ones not have worked well in practice for some reason?

Some "magic" constants could be anything. But this is not true for all (Salsa). But the mark of a good "magic" constant is that there are plenty of degrees of freedom for the chooser.

Was that just four random dictionary words (orphean, beholder, scry, doubt), or is there some special meaning to the bcrypt authors, maybe some kind of cryptography joke that flew over my head?

@Nemo seems to have addressed this as thoroughly as might exist.

2
  • I was not yet able to locate e.g. orphean in any word lists used for passphrase generation (see e.g. gist.github.com/atoponce/95c4f36f2bc12ec13242a3ccc55023af); some paranoiac could say it's not convincing that the sleeve was entirely empty. Commented Apr 15 at 9:15
  • It might have had a thesaurus under it. There is a further concept in these magic tricks that words are likely a little safer. Math has little regard for human communication, and interesting cryptographic constants all being English words is a little unlikely in otherwise mathematically sound cryptography. Commented Apr 17 at 18:47
