[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How much data should I request from scrypt?

32 bytes (256 bits) is used internally IIRC.  More provides no additional security.  Only use more if you have a need for more key output for reasons specific to your application.

On Dec 27, 2014 11:49 AM, <danielw@emaildoge.com> wrote:
crypto_scrypt() allows me to specify how much data I want back from it.

This is what the last parameter, buflen, is for.

So the question is, how many bytes should I request to make it good for

hashing, just as good as SHA-256 say? Purpose being to make collisions

virtually impossible.

For example, are 200 bytes enough?