suzanne.soy/man-pages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gh-pages
man-pages/man7/scrypt.7ssl.html
Suzanne Soy 4c89183f2b Added man pages from my system
2021-03-31 01:06:50 +01:00

178 lines
5.8 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of SCRYPT</TITLE>
</HEAD><BODY>
<H1>SCRYPT</H1>
Section: OpenSSL (7SSL)<BR>Updated: 2021-03-22<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
scrypt - EVP_PKEY scrypt KDF support
<A NAME="lbAC">&nbsp;</A>
<H2>DESCRIPTION</H2>
The <FONT SIZE="-1">EVP_PKEY_SCRYPT</FONT> algorithm implements the scrypt password based key
derivation function, as described in <FONT SIZE="-1">RFC 7914.</FONT> It is memory-hard in the sense
that it deliberately requires a significant amount of <FONT SIZE="-1">RAM</FONT> for efficient
computation. The intention of this is to render brute forcing of passwords on
systems that lack large amounts of main memory (such as GPUs or ASICs)
computationally infeasible.
<P>
scrypt provides three work factors that can be customized: N, r and p. N, which
has to be a positive power of two, is the general work factor and scales <FONT SIZE="-1">CPU</FONT>
time in an approximately linear fashion. r is the block size of the internally
used hash function and p is the parallelization factor. Both r and p need to be
greater than zero. The amount of <FONT SIZE="-1">RAM</FONT> that scrypt requires for its computation
is roughly (128 * N * r * p) bytes.
<P>
In the original paper of Colin Percival (``Stronger Key Derivation via
Sequential Memory-Hard Functions'', 2009), the suggested values that give a
computation time of less than 5 seconds on a 2.5 GHz Intel Core 2 Duo are N =
2^20 = 1048576, r = 8, p = 1. Consequently, the required amount of memory for
this computation is roughly 1 GiB. On a more recent <FONT SIZE="-1">CPU</FONT> (Intel i7-5930K at 3.5
GHz), this computation takes about 3 seconds. When N, r or p are not specified,
they default to 1048576, 8, and 1, respectively. The default amount of <FONT SIZE="-1">RAM</FONT> that
may be used by scrypt defaults to 1025 MiB.
<A NAME="lbAD">&nbsp;</A>
<H2>NOTES</H2>
A context for scrypt can be obtained by calling:
<P>
<PRE>
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL);
</PRE>
<P>
The output length of an scrypt key derivation is specified via the
length parameter to the <B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_derive">EVP_PKEY_derive</A></B>(3) function.
<A NAME="lbAE">&nbsp;</A>
<H2>EXAMPLES</H2>
This example derives a 64-byte long test vector using scrypt using the password
``password'', salt ``NaCl'' and N = 1024, r = 8, p = 16.
<P>
<PRE>
EVP_PKEY_CTX *pctx;
unsigned char out[64];
size_t outlen = sizeof(out);
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, NULL);
if (EVP_PKEY_derive_init(pctx) &lt;= 0) {
error(&quot;EVP_PKEY_derive_init&quot;);
}
if (EVP_PKEY_CTX_set1_pbe_pass(pctx, &quot;password&quot;, 8) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set1_pbe_pass&quot;);
}
if (EVP_PKEY_CTX_set1_scrypt_salt(pctx, &quot;NaCl&quot;, 4) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set1_scrypt_salt&quot;);
}
if (EVP_PKEY_CTX_set_scrypt_N(pctx, 1024) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set_scrypt_N&quot;);
}
if (EVP_PKEY_CTX_set_scrypt_r(pctx, 8) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set_scrypt_r&quot;);
}
if (EVP_PKEY_CTX_set_scrypt_p(pctx, 16) &lt;= 0) {
error(&quot;EVP_PKEY_CTX_set_scrypt_p&quot;);
}
if (EVP_PKEY_derive(pctx, out, &amp;outlen) &lt;= 0) {
error(&quot;EVP_PKEY_derive&quot;);
}
{
const unsigned char expected[sizeof(out)] = {
0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
0x7c, 0x6a, 0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30,
0xe7, 0x73, 0x76, 0x63, 0x4b, 0x37, 0x31, 0x62,
0x2e, 0xaf, 0x30, 0xd9, 0x2e, 0x22, 0xa3, 0x88,
0x6f, 0xf1, 0x09, 0x27, 0x9d, 0x98, 0x30, 0xda,
0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
};
assert(!memcmp(out, expected, sizeof(out)));
}
EVP_PKEY_CTX_free(pctx);
</PRE>
<A NAME="lbAF">&nbsp;</A>
<H2>CONFORMING TO</H2>
<FONT SIZE="-1">RFC 7914</FONT>
<A NAME="lbAG">&nbsp;</A>
<H2>SEE ALSO</H2>
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_CTX_set1_scrypt_salt">EVP_PKEY_CTX_set1_scrypt_salt</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_CTX_set_scrypt_N">EVP_PKEY_CTX_set_scrypt_N</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_CTX_set_scrypt_r">EVP_PKEY_CTX_set_scrypt_r</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_CTX_set_scrypt_p">EVP_PKEY_CTX_set_scrypt_p</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_CTX_set_scrypt_maxmem_bytes">EVP_PKEY_CTX_set_scrypt_maxmem_bytes</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_CTX_new">EVP_PKEY_CTX_new</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_CTX_ctrl_str">EVP_PKEY_CTX_ctrl_str</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_derive">EVP_PKEY_derive</A></B>(3)
<A NAME="lbAH">&nbsp;</A>
<H2>COPYRIGHT</H2>
Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
<P>
Licensed under the OpenSSL license (the ``License''). You may not use
this file except in compliance with the License. You can obtain a copy
in the file <FONT SIZE="-1">LICENSE</FONT> in the source distribution or at
&lt;<A HREF="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</A>&gt;.
<P>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="1"><A HREF="#lbAB">NAME</A><DD>
<DT id="2"><A HREF="#lbAC">DESCRIPTION</A><DD>
<DT id="3"><A HREF="#lbAD">NOTES</A><DD>
<DT id="4"><A HREF="#lbAE">EXAMPLES</A><DD>
<DT id="5"><A HREF="#lbAF">CONFORMING TO</A><DD>
<DT id="6"><A HREF="#lbAG">SEE ALSO</A><DD>
<DT id="7"><A HREF="#lbAH">COPYRIGHT</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:06:09 GMT, March 31, 2021
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink