RSpec
Ruby on Rails
Rubyscrypt
- 1_8_6_287
- 1_8_7_72
- 1_8_7_330
- 1_9_1_378
- 1_9_2_180
- 1_9_3_125
- 1_9_3_392
- 2_1_10
- 2_2_9
- 2_4_6
- 2_5_5 (0)
- 2_6_3 (0)
- What's this?
= private
= protected
scrypt(p1, p2 = {})
public
Derives a key from pass using given parameters with the scrypt password-based key derivation function. The result can be used for password storage.
scrypt is designed to be memory-hard and more secure against brute-force attacks using custom hardwares than alternative KDFs such as PBKDF2 or bcrypt.
The keyword arguments N, r and p can be used to tune scrypt. RFC 7914 (published on 2016-08, tools.ietf.org/html/rfc7914#section-2) states that using values r=8 and p=1 appears to yield good results.
See RFC 7914 (tools.ietf.org/html/rfc7914) for more information.
Parameters
pass |
Passphrase. |
salt |
Salt. |
N |
CPU/memory cost parameter. This must be a power of 2. |
r |
Block size parameter. |
p |
Parallelization parameter. |
length |
Length in octets of the derived key. |
Example
pass = "password" salt = SecureRandom.random_bytes(16) dk = OpenSSL::KDF.scrypt(pass, salt: salt, N: 2**14, r: 8, p: 1, length: 32) p dk #=> "\xDA\xE4\xE2...\x7F\xA1\x01T"
