@pkarman
Created October 5, 2016 18:14
password hashing comparisons
require 'benchmark/ips'
require 'bcrypt'
require 'digest'
require 'openssl'
require 'securerandom'

# Salted SHA-512 hex digest of the tokens, joined and wrapped with '--'.
def sha512_digest(*tokens)
  Digest::SHA512.hexdigest('--' << tokens.flatten.join('--') << '--')
end

Benchmark.ips do |x|
  # Configure the number of seconds used during
  # the warmup phase (default 2) and calculation phase (default 5)
  x.time = 5
  x.warmup = 2

  pw = 'Awe3ome 1ong !great PASSw0rd'
  salt = 'abcd1234XYZ' # fixed salt, used here only so timings are comparable
  pepper = SecureRandom.uuid

  # bcrypt: cost is a log2 work factor, so each step doubles the work.
  (10..14).each do |cost|
    x.report("bcrypt #{cost} stretches") do
      BCrypt::Password.create(pw, cost: cost).to_s
    end
  end

  # Iterated SHA-512: this loop runs `cost` rounds (10 to 14 hashes),
  # not 2**cost, so it is not the same amount of work as bcrypt above.
  (10..14).each do |cost|
    digest = SecureRandom.uuid
    x.report("sha512 #{cost} stretches") do
      cost.times { digest = sha512_digest(salt, digest, pw, pepper) }
    end
  end

  # PBKDF2-HMAC-SHA512 with the pepper appended to the salt; the derived
  # key is hashed once more with SHA-512 to produce a hex string.
  digest = OpenSSL::Digest::SHA512.new
  len = digest.digest_length
  [50_000, 100_000, 200_000, 400_000, 800_000].each do |iterations|
    x.report("pbkdf2 #{iterations}") do
      ::Digest::SHA512.hexdigest(OpenSSL::PKCS5.pbkdf2_hmac(pw, salt + pepper, iterations, len, digest))
    end
  end

  x.compare!
end

pkarman commented Oct 5, 2016

$ ruby stretcher-bench.rb 
Warming up --------------------------------------
 bcrypt 10 stretches     1.000  i/100ms
 bcrypt 11 stretches     1.000  i/100ms
 bcrypt 12 stretches     1.000  i/100ms
 bcrypt 13 stretches     1.000  i/100ms
 bcrypt 14 stretches     1.000  i/100ms
 sha512 10 stretches     1.774k i/100ms
 sha512 11 stretches     1.597k i/100ms
 sha512 12 stretches     1.485k i/100ms
 sha512 13 stretches     1.372k i/100ms
 sha512 14 stretches     1.293k i/100ms
        pbkdf2 50000     1.000  i/100ms
       pbkdf2 100000     1.000  i/100ms
       pbkdf2 200000     1.000  i/100ms
       pbkdf2 400000     1.000  i/100ms
       pbkdf2 800000     1.000  i/100ms
Calculating -------------------------------------
 bcrypt 10 stretches     15.555  (± 6.4%) i/s -     78.000  in   5.029321s
 bcrypt 11 stretches      7.793  (± 0.0%) i/s -     39.000  in   5.011033s
 bcrypt 12 stretches      3.891  (± 0.0%) i/s -     20.000  in   5.142898s
 bcrypt 13 stretches      1.967  (± 0.0%) i/s -     10.000  in   5.084603s
 bcrypt 14 stretches      0.985  (± 0.0%) i/s -      5.000  in   5.079182s
 sha512 10 stretches     18.005k (± 3.7%) i/s -     90.474k in   5.031674s
 sha512 11 stretches     16.193k (± 4.5%) i/s -     81.447k in   5.039865s
 sha512 12 stretches     15.017k (± 4.7%) i/s -     75.735k in   5.054693s
 sha512 13 stretches     13.801k (± 3.7%) i/s -     69.972k in   5.077024s
 sha512 14 stretches     12.687k (± 5.0%) i/s -     63.357k in   5.006010s
        pbkdf2 50000     15.970  (± 6.3%) i/s -     80.000  in   5.021892s
       pbkdf2 100000      7.952  (± 0.0%) i/s -     40.000  in   5.039356s
       pbkdf2 200000      4.012  (± 0.0%) i/s -     20.000  in   5.000569s
       pbkdf2 400000      1.874  (± 0.0%) i/s -     10.000  in   5.372693s
       pbkdf2 800000      1.016  (± 0.0%) i/s -      6.000  in   5.907136s

Comparison:
 sha512 10 stretches:    18005.1 i/s
 sha512 11 stretches:    16193.4 i/s - 1.11x slower
 sha512 12 stretches:    15017.0 i/s - 1.20x slower
 sha512 13 stretches:    13801.2 i/s - 1.30x slower
 sha512 14 stretches:    12687.2 i/s - 1.42x slower
        pbkdf2 50000:       16.0 i/s - 1127.41x slower
 bcrypt 10 stretches:       15.6 i/s - 1157.53x slower
       pbkdf2 100000:        8.0 i/s - 2264.29x slower
 bcrypt 11 stretches:        7.8 i/s - 2310.33x slower
       pbkdf2 200000:        4.0 i/s - 4487.60x slower
 bcrypt 12 stretches:        3.9 i/s - 4627.50x slower
 bcrypt 13 stretches:        2.0 i/s - 9153.22x slower
       pbkdf2 400000:        1.9 i/s - 9608.50x slower
       pbkdf2 800000:        1.0 i/s - 17714.14x slower
 bcrypt 14 stretches:        1.0 i/s - 18287.95x slower
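
The PBKDF2 rows above show throughput roughly halving with each doubling of the iteration count, so a stored hash has to carry its own count if the cost is to be raised later. The following is an added example, not part of the gist or its author's code: the `Pbkdf2Record` module and its `$`-separated record format are assumptions made here, it uses a random salt per password instead of the benchmark's fixed one, and it leaves out the gist's pepper.

```ruby
require 'openssl'
require 'securerandom'

# Hypothetical record format (an assumption of this example):
#   pbkdf2-sha512$<iterations>$<salt hex>$<derived key hex>
module Pbkdf2Record
  SCHEME  = 'pbkdf2-sha512'
  KEY_LEN = 64 # bytes, the SHA-512 output size

  module_function

  def derive(password, salt, iterations)
    OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, KEY_LEN,
                               OpenSSL::Digest.new('SHA512'))
  end

  # Hash with a fresh 16-byte random salt and record the iteration count.
  def create(password, iterations:)
    salt = SecureRandom.random_bytes(16)
    key  = derive(password, salt, iterations)
    [SCHEME, iterations, salt.unpack1('H*'), key.unpack1('H*')].join('$')
  end

  # Split a record into [iterations, salt bytes, key bytes].
  def parse(record)
    scheme, iters, salt_hex, key_hex = record.split('$')
    raise ArgumentError, 'unknown scheme' unless scheme == SCHEME
    [Integer(iters, 10), [salt_hex].pack('H*'), [key_hex].pack('H*')]
  end

  # Recompute with the stored parameters and compare in constant time.
  def verify(password, record)
    iterations, salt, expected = parse(record)
    OpenSSL.secure_compare(derive(password, salt, iterations), expected)
  end

  # True when the record was created below the current policy and should
  # be re-hashed at the next successful login.
  def needs_rehash?(record, policy_iterations)
    parse(record).first < policy_iterations
  end
end
```

On a successful `verify` where `needs_rehash?` is true, call `create` again with the current policy count and replace the stored record.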
