[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Canonical way to invoke the KDF?



It is kinda cute, but one should just use a dummy file.  The format saved, IIRC, is an HMACed scrypt hash and salt, followed by the encrypted contents of the file.

Kevin

On Nov 15, 2013 8:34 AM, "Laurens Van Houtven" <_@lvh.cc> wrote:
Hi!


I'm e-mailing this on behalf of PyCA. We're a group of Python hackers trying to improve the state of cryptographic libraries in Python, and trying to provide APIs that people can't get wrong. (The current state is that some of the libraries aren't great, and the APIs are way too low level.)

I was wondering if the canonical way to use scrypt as a KDF, particularly for purposes of password storage) is documented anywhere. The big implementation right now for Python suggests writing one using enc/dec functions (so the file encryption thing that is included in the tarball as a demo), but that seems kind of orthogonal to the actual key derivation part :)

cheers and thanks in advance
lvh