[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Mistake in FORMAT; question about N.

To: scrypt@tarsnap.com
Subject: Mistake in FORMAT; question about N.
From: Dmitry Chestnykh <dmitry@codingrobots.com>
Date: Fri, 27 Apr 2012 15:44:54 +0200 (CEST)

1.

I believe there's a mistake in FORMAT file. It says that the last HMAC isfor data only, while in reality it includes the header as well:


96+X    32      HMAC-SHA256(bytes 96 .. 96 + (X - 1))

must be

96+X    32      HMAC-SHA256(bytes 0 .. 96 + (X - 1))


2.

Regarding the N parameter in scrypt KDF.

The comment in crypto_scrypt.h says:

   The parameter N must be a power of 2 greater than 1.

The code accepts N == 1:

   if (((N & (N - 1)) != 0) || (N == 0)) {
        // .. error ..
   }

1 & (1-1) == 0, so it passes the check.

My question is, should N be greater than 1 or >= 1?
(I realize that in practice it should be much larger).


3.

I've implemented scrypt in Go:

KDF -- https://github.com/dchest/scrypt
file encryption tool -- https://github.com/dchest/scryptutil

PS Sorry if the message is duplicate -- I sent it before realizing that Iwasn't subscribed.

PPS Someone just dropped nuclear bombs on my cities. How do I bring peopleback to life?


--
Dmitry Chestnykh
http://www.codingrobots.org

Follow-Ups:
- Re: Mistake in FORMAT; question about N.
  - From: Colin Percival <cperciva@tarsnap.com>

Prev by Date: libscrypt, python bindings
Next by Date: Re: Mistake in FORMAT; question about N.
Previous by thread: libscrypt, python bindings
Next by thread: Re: Mistake in FORMAT; question about N.
Index(es):
- Date
- Thread