How much can we trust open source implementations of crypto (security) libraries?

Much better than closed source implementations.

When it comes to security that really matters, you have to follow the principle "trust but verify". Trust that popular open source implementations are more likely to get it correct and enough eyeballs to spot mistakes, but verify/audit the code yourself if it really matters to you.

With open source implementation, you can actually verify it yourself if it really matters for you. With closed source implementation, you only have the vendor's word for it.

If anything, distrust of open source security libraries is a good thing; it makes some people start auditing them before using them, rather than just blindly trusting an implementation because it is popular.


You have three tradeoffs: PBKDF vs another algorithm, open source vs closed, and the availability of test vectors.

SCrypt or BCrypt may give you somewhat more security than PBKDF2. On the other hand, if there's an implementation failure in the code (as happened to Ashley Madison) then you get a lot less security.

To the extent that the code gets scrutiny, such failures may get noticed, and here's where the open source tradeoff happens. In theory, anyone can look at the code. In practice, you have to ask how many experts have looked. The supply of volunteer crypto analysts is pretty slim, as demonstrated by OpenSSL flaws. With the MS PBKDF code, you can expect that someone other than the coder did QA, and the crypto code gets relatively more attention under the Security Development Lifecycle. Absent other indicators of security testing, a .NET nugget used by 100 people probably has less analysis done on it than a Microsoft component.

Lastly, if memory serves, PBKDF has test vectors, and the others don't, which makes testing correct implementation of PBKDF easier than testing implementations of scrypt or bcrypt.

I should mention, years ago I tracked free crypto libraries and then, later, worked on Microsoft's Security Development Lifecycle team, but no longer do. I don't think there's a simple answer to your question.
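As an added illustration of the test-vector point above (this is not code from the answer's author or from any library): the published RFC 6070 PBKDF2-HMAC-SHA1 vectors, a from-scratch PBKDF2 used as the implementation under test, and a check that runs the same vectors against Python's hashlib. `pbkdf2_off_by_one` is a constructed buggy variant showing why a single vector is not enough.

```python
import hashlib
import hmac
import struct
from typing import Callable, Dict

# RFC 6070 vectors: (password, salt, iterations, dkLen, expected hex).
# Vector 4 (16,777,216 iterations) is omitted because it takes minutes to run.
RFC6070_VECTORS = [
    (b"password", b"salt", 1, 20, "0c60c80f961f0e71f3a9b524af6012062fe037a6"),
    (b"password", b"salt", 2, 20, "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"),
    (b"password", b"salt", 4096, 20, "4b007901b765489abead49d926f721d065a429c1"),
    (b"passwordPASSWORDpassword", b"saltSALTsaltSALTsaltSALTsaltSALTsalt", 4096, 25,
     "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"),
    (b"pass\0word", b"sa\0lt", 4096, 16, "56fa6aa75548099dcc37d7f03425e0c3"),
]

KDF = Callable[[bytes, bytes, int, int], bytes]


def pbkdf2_hmac_sha1(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """PBKDF2 (RFC 8018 section 5.2) written out from the spec; the implementation under test."""
    if iterations < 1 or dklen < 1:
        raise ValueError("iterations and dklen must be positive")
    hlen = hashlib.sha1().digest_size
    out = bytearray()
    for block_index in range(1, -(-dklen // hlen) + 1):  # ceil(dklen / hlen) blocks
        # U_1 = PRF(P, S || INT(i)) with a big-endian 32-bit block index.
        u = hmac.new(password, salt + struct.pack(">I", block_index), hashlib.sha1).digest()
        t = bytearray(u)
        for _ in range(iterations - 1):  # U_2 .. U_c, XORed together
            u = hmac.new(password, u, hashlib.sha1).digest()
            t = bytearray(a ^ b for a, b in zip(t, u))
        out += t
    return bytes(out[:dklen])


def pbkdf2_off_by_one(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """Constructed buggy variant: runs one iteration too few. Passes vector 1, fails the rest."""
    return pbkdf2_hmac_sha1(password, salt, max(iterations - 1, 1), dklen)


def hashlib_pbkdf2(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """The standard library's implementation, checked against the same vectors."""
    return hashlib.pbkdf2_hmac("sha1", password, salt, iterations, dklen)


def check_vectors(impl: KDF) -> Dict[str, bool]:
    """Run every RFC 6070 vector through impl; returns {"vector1": True, ...}."""
    return {f"vector{n}": impl(p, s, c, dklen).hex() == expected
            for n, (p, s, c, dklen, expected) in enumerate(RFC6070_VECTORS, 1)}
```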