Scrypt
scrypt is a password-based key derivation function created by Colin Percival, originally for the Tarsnap online backup service. The algorithm was specifically designed to make it costly to perform large-scale custom hardware attacks by requiring large amounts of memory.
scrypt accepts 4 parameters: the work factor which defines the CPU/memory cost, the resources which fine-tunes sequential memory read size and performance, the parallelisation level and the desired key length.
| Name | Default value | Properties | Description |
|---|---|---|---|
| Work factor (N) | 32768 | hash.scrypt.workfactor |
Defines the CPU/memory cost. Must be a power of 2. |
| Resources (r) | 8 | hash.scrypt.resources |
Defines the size of memory blocks. |
| Parallelisation (p) | 1 | hash.scrypt.parallelization |
Defines the cost of parallelisation for an attacker. |
| Output length | 64 | hash.scrypt.derivedKeyLength |
Defines the desired length of the final derived key |
You can define a singleton custom scrypt function by calling ScryptFunction.getInstance(int, int, int, int) or ScryptFunction.getInstance(int, int, int)
SCryptFunction scrypt = SCryptFunction.getInstance(16384, 8, 2, 128);In this case you have created a singleton instance which uses a work factor of 214, with 8 bytes memory blocks, a parallelisation cost of 2 and that produces a 128 bytes derived key.
Alternatively if you have defined the parameters in the psw4j.properties file
SCryptFunction scrypt = AlgorithmFinder.getSCryptInstance();
