[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: scrypt Internet Draft



mån 2013-03-25 klockan 16:25 +0400 skrev Solar Designer:
> On Thu, Nov 01, 2012 at 09:32:23PM +0400, Solar Designer wrote:
> > On Tue, Sep 18, 2012 at 05:05:13PM +0200, Simon Josefsson wrote:
> > > https://www.gitorious.org/scrypt/scrypt-unix-crypt/blobs/master/unix-scrypt.txt
> > 
> > OK, here's a proposed encoding:
> > 
> > $7$Nrrrrrpppppsalt$hash
> > 
> > "N" is one base 64 character for log2(N)
> > "rrrrr" is little-endian encoding of r (30 bits)
> > "ppppp" is little-endian encoding of p (30 bits)
> 
> I've finally implemented this.  In the attached tarball, it's in the new
> crypto_scrypt-common.c source file.  The provided new functions include
> a crypt(3)-like one.  I chose to keep salts variable length, whereas the
> hash length is fixed at 256-bit.  Can we standardize on this encoding
> syntax?  If so, I guess we should update the Gitorious page accordingly.
> 
> I'm also using $7a$ for the experimental TMTO defeater, but this is
> subject to change.  For now, I'd like us to standardize the encoding for
> the official scrypt only.  I currently don't intend to use scrypt as-is
> for password hashing, but I realize that it's inevitable that people
> will start using it that way.  So let's at least standardize this, and
> then build further encodings for scrypt derivatives (more suitable for
> password hashing use) based on it.
> 
> Simon, Dmitry, Kelvin - please let me know what you think, and please
> keep the list CC'ed.

Nice!  I'm fine with this, and please keep the git page above updated.
I think your implementation is the first.  Next is to get this into a
libc...

/Simon