Given that the rule of thumb is to store salted hashes of the password string, not the encrypted form of it, why does the PHP crypt() function use the DES-based algorithms? Isn't DES an encryption algorithm? The manual says
... crypt() will return a hashed string using the standard Unix DES-based algorithm or alternative algorithms that may be available on the system ...
What I understand from here is that crypt() only uses the algorithm as implemented by the system. And surely DES is implemented as an encryption algorithm rather than a custom hashing algorithm for crypt.
PS - I know that DES was way back in the past and nobody should use it anymore.
The idea of DES-based password hashing is, basically, to encrypt a block of zeroes with the password and passed salt for some number of rounds. Any half-decent encryption makes key recovery hard even in the face of known plaintext, so that’s why it’s possible to make strong password hashes out of encryption functions.
I think the PHP default is compatible with this scheme.