[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: libscrypt



I'm working on adding support for Scrypt in Nettle.  My local repository
is working including self tests and a decent API:

https://www.gitorious.org/scrypt/nettle-scrypt

I'm working on pushing this upstream (PBKDF2 is in, Salsa20 almost in),
but I haven't had time lately to finish it.  Comments on the API etc is
most useful, probably best on the Nettle mailing list.

Btw, Nettle is a low-level crypto library under LGPLv2+, used for
example by recent GnuTLS.  It is similar to libgcrypt but with a simpler
design.

/Simon

mån 2012-11-05 klockan 04:18 +0400 skrev Solar Designer:
> Hi all,
> 
> What's the current status on a libscrypt?  I will likely try optimizing
> the scrypt code (in fact, I've already played with that a bit) and then
> revising it (deviating from scrypt proper).  Indeed, it'd be convenient
> to be doing that with a libscrypt rather than with the scrypt file
> encryption program - and ultimately I'll need a library rather than a
> standalone program (in fact, I'd need to have scrypt's memory allocation
> split from the actual crypto).  Obviously, I'd want to contribute back
> whatever is relevant.
> 
> On Sun, Jan 08, 2012 at 02:58:52PM -0800, Colin Percival wrote:
> > On 01/03/12 09:40, Dan Kaminsky wrote:
> > >    I just released phidelius, which basically uses the output of scrypt's PRNG
> > > to feed /dev/random and the like.  Go to dankaminsky.com/phidelius
> > > <http://dankaminsky.com/phidelius> to see why I'd do such a horrifying thing.
> > 
> > Cool. :-)
> 
> I took a look at Dan's phidelius-1.01 as downloaded from:
> 
> http://s3.amazonaws.com/dmk/phidelius-1.01.tgz
> 
> It contains a verbatim copy of scrypt-1.1.6 plus more files (specific to
> Phidelius).  It does not turn scrypt into a library, but it does show
> how the existing scrypt code can be linked to and invoked.
> 
> I also found an actual libscrypt, under that name even, as part of
> Chromium OS:
> 
> http://git.chromium.org/gitweb/?p=chromiumos/third_party/libscrypt.git
> git clone http://git.chromium.org/chromiumos/third_party/libscrypt.git
> 
> This one has a verbatim copy of scrypt-1.1.6 under libscrypt/src, and it
> adds autofiles at top level to build a library.  It appears to always
> use the slower crypto_scrypt-ref.c code.
> 
> There's also Crypt-Scrypt in CPAN, which reuses Chromium OS libscrypt:
> 
> http://search.cpan.org/~gray/Crypt-Scrypt/
> https://github.com/gray/crypt-scrypt
> 
> Finally, there's Simon's modscrypt, which is a hack of the scrypt
> program to make it print the test vectors instead of doing what it does
> normally:
> 
> https://www.gitorious.org/scrypt/modscrypt
> git clone git://gitorious.org/scrypt/modscrypt.git
> 
> The only changes are:
> 
> $ diff -urx .git scrypt-1.1.6 modscrypt | diffstat
>  lib/crypto/crypto_scrypt-nosse.c |   13 +++++++++++++
>  lib/crypto/crypto_scrypt-sse.c   |   13 +++++++++++++
>  main.c                           |   30 ++++++++++++++++++++++++++++++
>  3 files changed, 56 insertions(+)
> 
> (somehow the -ref file is not patched to print the test vectors as well)
> 
> modscrypt is not a library, yet it may be useful for my testing too.
> 
> > I've attached the autocrap files.
> 
> Would it be better to start with these or with those from Chromium OS?
> 
> BTW, earlier today I found that scrypt mailing list archive is finally
> available via the web.  Here's the message I am replying to:
> 
> http://mail.tarsnap.com/scrypt/msg00035.html
> 
> > BTW, I'm planning on adding scrypt to Google
> > code soon (to join kivaloo, spiped, and libcperciva, with which it shares some
> > code).
> 
> What's the status on this?
> 
> Thanks,
> 
> Alexander