Scrypt requires a large amount of memory (more than the processor's cache), forcing the computer to use slower RAM. This makes it extremely resistant to brute force attacks, even those using dedicated hardware. By chaining multiple EnScrypt iterations, we can control the amount of time required to derive the key, using more iterations for a stronger key. We call the resulting function EnScrypt. More details are available here.
Enscrypt is used in SQRL to protect the user's Identity Keys when they are stored on disk. See Secure Storage System for the details.
For SQRL, we've settled on some standard parameters to provide the level of security we require:
- Output = 32 bytes
- p = 1
- N = 512 ( 1<<9 )
- r = 256
- Novators/EnScrypt - Open Source, cross-platform EnScrypt library.