[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: scrypt Internet Draft

On Thu, Nov 01, 2012 at 09:32:23PM +0400, Solar Designer wrote:
> On Tue, Sep 18, 2012 at 05:05:13PM +0200, Simon Josefsson wrote:
> > https://www.gitorious.org/scrypt/scrypt-unix-crypt/blobs/master/unix-scrypt.txt
> OK, here's a proposed encoding:
> $7$Nrrrrrpppppsalt$hash
> "N" is one base 64 character for log2(N)
> "rrrrr" is little-endian encoding of r (30 bits)
> "ppppp" is little-endian encoding of p (30 bits)

I've finally implemented this.  In the attached tarball, it's in the new
crypto_scrypt-common.c source file.  The provided new functions include
a crypt(3)-like one.  I chose to keep salts variable length, whereas the
hash length is fixed at 256-bit.  Can we standardize on this encoding
syntax?  If so, I guess we should update the Gitorious page accordingly.

I'm also using $7a$ for the experimental TMTO defeater, but this is
subject to change.  For now, I'd like us to standardize the encoding for
the official scrypt only.  I currently don't intend to use scrypt as-is
for password hashing, but I realize that it's inevitable that people
will start using it that way.  So let's at least standardize this, and
then build further encodings for scrypt derivatives (more suitable for
password hashing use) based on it.

Simon, Dmitry, Kelvin - please let me know what you think, and please
keep the list CC'ed.



Attachment: escrypt-0.0.32.tar.gz
Description: GNU Zip compressed data