[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

scrypt API question



Hello,

I have a question about the scrypt API. Scrypt is advertised as a secure key derivation function, but the reference implementation API is a full file encryption API with the actual scrypt key derivation function buried deep inside it and not easily accessible.  Is there a reason for this?  The extra complexity from the encryption step seems like an unnecessary complication if the application is password hashing.  Why not make the key derivation function directly accessible like, say, bcrypt does?

Thanks,
rg