Difference between revisions of "EnScrypt"

From SQRLauth.net
Jump to: navigation, search
(Created page with "EnScrypt is a memory hard Password Based Key Derivation Function (PBKDF) in which we chain multiple iterations of [http://www.tarsnap.com/scrypt.html Scrypt] in a manner simil...")
 
 
Line 16: Line 16:
 
* [https://github.com/Novators/EnScrypt Novators/EnScrypt] - Open Source, cross-platform EnScrypt library.
 
* [https://github.com/Novators/EnScrypt Novators/EnScrypt] - Open Source, cross-platform EnScrypt library.
  
[[Category:Spec]]
+
[[Category:Functions]]

Latest revision as of 00:07, 23 March 2015

EnScrypt is a memory hard Password Based Key Derivation Function (PBKDF) in which we chain multiple iterations of Scrypt in a manner similar to PBKDF2.

Scrypt requires a large amount of memory (more than the processor's cache), forcing the computer to use slower RAM. This makes it extremely resistant to brute force attacks, even those using dedicated hardware. By chaining multiple EnScrypt iterations, we can control the amount of time required to derive the key, using more iterations for a stronger key. We call the resulting function EnScrypt. More details are available here.

Enscrypt is used in SQRL to protect the user's Identity Keys when they are stored on disk. See Secure Storage System for the details.

Scrypt Parameters

For SQRL, we've settled on some standard parameters to provide the level of security we require:

  • Output = 32 bytes
  • p = 1
  • N = 512 ( 1<<9 )
  • r = 256

Implementations