Scribd
Upload
31 views2 pages

The Scrypt Algorithm Is A Password

sCrypt Algortihm

Uploaded by

Farhan Bajwa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
31 views2 pages

The Scrypt Algorithm Is A Password

sCrypt Algortihm

Uploaded by

Farhan Bajwa
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

The sCrypt algorithm is a password-based key derivation function designed to be computationally

intensive and memory-hard to resist brute-force attacks and hardware-based optimizations. Its
process is structured to ensure that computing the hash requires significant memory and CPU
resources, which can be adjusted via parameters to increase security as hardware capabilities
improve. Here's a detailed explanation of the sCrypt algorithm process:

### 1. Input and Initialization

- **Inputs**: sCrypt begins with several inputs: a password (or passphrase), a salt (to prevent
rainbow table attacks and ensure unique outputs for unique inputs), and three parameters—`N`
(CPU/memory cost), `r` (block size), and `p` (parallelization).

- **Purpose of Inputs**: The password is the primary input for hash generation. The salt, typically a
random value, ensures that the output is unique even for identical passwords across different
instances. The parameters `N`, `r`, and `p` control the complexity and resource requirements of
the algorithm.

### 2. Memory Allocation

- sCrypt allocates a large block of memory for processing, the size of which is determined by the
parameters `r` and `p`. This allocation is critical to its memory-hard properties.

- The memory is used to store a large vector of pseudo-random bits derived from the initial inputs
(password and salt).

### 3. Mixing Phase

- **Key Derivation**: The algorithm begins the key derivation process by using a pseudo-random
function (PRF), such as HMAC-SHA256, applied to the password and salt to populate the initial
block of memory.

- **Memory-Filling Loop**: For each element in the vector, sCrypt performs a complex mixing
operation that depends on the value of the previous element and the initial password. This step is
crucial for ensuring that the output is highly sensitive to changes in the input.

- **Cost Parameters and Mixing**: The `N`, `r`, and `p` parameters directly influence this phase.
`N` controls the number of iterations of the mixing function, making the algorithm more memory-
and CPU-intensive. `r` affects the size of each block within the memory array, and `p` determines
how many independent mixing operations can be performed in parallel.

### 4. Parallel Processing


- If the parallelization parameter `p` is greater than 1, sCrypt divides the memory into `p`
segments and performs the mixing operation in parallel. This allows the algorithm to leverage multi-
core processors to speed up the computation without reducing security.

### 5. Final Hash Computation

- After completing the memory-intensive mixing phase, sCrypt uses the final state of the memory to
produce the output hash. This involves another application of a pseudo-random function over the
entire memory array.

- The output is a derived key of a specified length (`dkLen`), which can be used for cryptographic
purposes such as encrypting data. The length of the output key is flexible and can be adapted
according to the needs of the application.

### Security and Memory-Hardness

- **Memory-Hard Function**: The core of sCrypt's security lies in its memory-hard function, which
ensures that the fastest way to compute the hash involves using a significant amount of memory.
This characteristic makes it resistant to brute-force attacks, especially from specialized hardware
like ASICs and FPGAs, which are less effective at handling large, memory-intensive operations
compared to traditional CPU and GPU setups.

- **Adaptive Security**: The parameters allow sCrypt to be adaptive; as hardware capabilities


improve, parameters can be adjusted to ensure the algorithm remains secure against evolving
threats.

The process is designed to ensure that any attempt to optimize the hash computation speed
through hardware must also contend with the algorithm's significant memory requirements, making
it a robust option for securing sensitive data against brute-force attacks.

You might also like