scrypt-0.1: Stronger password hashing via sequential memory-hard functions.

Crypto.Scrypt

Contents

Description

Scrypt is a sequential memory-hard key derivation function. This module provides bindings to a fast C implementation of scrypt, written by Colin Percival. See http://www.tarsnap.com/scrypt.html for more information on scrypt.

Synopsis

Parameters to the scrypt function

data ScryptParams Source

Encapsulates the three tuning parameters to the scrypt function: N, r and p. The parameters affect running time and memory usage:

Memory usage is approximately 128*r*N bytes. Note that the params function takes log_2(N) as a parameter. As an example, the defaultParams 

   log_2(N) = 14, r = 8, and p = 1

lead to scrypt using 128 * 8 * 2^14 = 16M bytes of memory.

Running time is proportional to all of N, r and p. However p only as an insignificant influence on memory usage an can thus be used to tune the running time of scrypt.

paramsSource

Arguments

:: Integer

log_2(N). Scrypt's N parameter must be a power of two greater than one, thus it's logarithm to base two must be greater than zero.

-> Integer

The parameter r, an integer greater than zero.

-> Integer

The parameter p, an integer greater than zero. r and p must satisfy r * p < 2^30.

-> Maybe ScryptParams

Returns Just the parameter object for valid arguments, otherwise Nothing.

Constructor function for the ScryptParams data type

defaultParams :: ScryptParamsSource

Default parameters as recommended in the scrypt paper: 

   N = 2^14, r = 8, p = 1

Equivalent to fromJust (params 14 8 1).

The scrypt key derivation function

scrypt :: ScryptParams -> Salt -> Pass -> PassHashSource

Calculates a 64-byte hash from the given password, salt and parameters.

getSalt :: IO SaltSource

Reads a 32-byte random salt from /dev/urandom.

newtype Pass Source

Constructors

Pass ByteString 

Instances

newtype Salt Source

Constructors

Salt ByteString 

Instances

newtype PassHash Source

Constructors

PassHash ByteString 

Instances