What are optimal scrypt work factors?

Question

I'm using a Java scrypt library for password storage. It calls for an N, r and p value when I encrypt things, which its documentation refers to as "CPU cost", "memory cost" and "parallelization cost" parameters. Only problem is, I don't actually know what they specifically mean, or what good values would be for them; perhaps they correspond somehow to the -t, -m and -M switches on Colin Percival's original app?

Does anyone have any suggestions for this? The library itself lists N = 16384, r = 8 and p = 1, but I don't know if this is strong or weak or what.

Recommended answer

As a start:

cpercival mentioned in his slides from 2009 something around

  • (N = 2^14, r = 8, p = 1) for < 100ms (interactive use), and
  • (N = 2^20, r = 8, p = 1) for < 5s (sensitive storage).

These values happen to be good enough for general use (password-db for some WebApp) even today (2012-09). Of course, specifics depend on the application.

Also, those values (mostly) mean:

  • N: General work factor, iteration count.
  • r: blocksize in use for underlying hash; fine-tunes the relative memory-cost.
  • p: parallelization factor; fine-tunes the relative cpu-cost.

r and p are meant to accommodate for the potential issue that CPU speed and memory size and bandwidth do not increase as anticipated. Should CPU performance increase faster, you increase p, should instead a breakthrough in memory technology provide an order of magnitude improvement, you increase r. And N is there to keep up with the general doubling of performance per some timespan.

Important: All values change the result. (Updated:) This is the reason why all scrypt parameters are stored in the result string.
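
An added example (not part of the original answer, and not the Java library's own code) using Python's standard `hashlib.scrypt`: it computes the 128 * N * r byte footprint of the two parameter sets above and shows why the parameters have to travel with the hash. The `scrypt$ln=...` string layout and all function names are constructed for illustration and are not the format of any particular library.

```python
import base64
import hashlib
import hmac
import os

def memory_bytes(n: int, r: int) -> int:
    """Size of scrypt's large working array: 128 * N * r bytes."""
    return 128 * n * r

def derive(password: str, salt: bytes, n: int, r: int, p: int) -> bytes:
    # Raise the backend's memory cap to the working array plus a small margin.
    return hashlib.scrypt(password.encode(), salt=salt, n=n, r=r, p=p,
                          maxmem=memory_bytes(n, r) + 1024 * 1024, dklen=32)

def hash_password(password: str, log2_n: int = 14, r: int = 8, p: int = 1) -> str:
    salt = os.urandom(16)
    key = derive(password, salt, 1 << log2_n, r, p)
    enc = lambda b: base64.b64encode(b).decode()
    # Constructed format: every work factor is recorded next to salt and key.
    return f"scrypt$ln={log2_n},r={r},p={p}${enc(salt)}${enc(key)}"

def parse(stored: str):
    scheme, params, salt, key = stored.split("$")
    if scheme != "scrypt":
        raise ValueError("unknown scheme")
    kv = dict(item.split("=") for item in params.split(","))
    return (int(kv["ln"]), int(kv["r"]), int(kv["p"]),
            base64.b64decode(salt), base64.b64decode(key))

def verify(password: str, stored: str) -> bool:
    # Recompute with the parameters read back from the string, not current defaults.
    log2_n, r, p, salt, key = parse(stored)
    candidate = derive(password, salt, 1 << log2_n, r, p)
    return hmac.compare_digest(candidate, key)

def needs_rehash(stored: str, log2_n: int = 14, r: int = 8, p: int = 1) -> bool:
    """True when a stored hash was made with other work factors than the current policy."""
    return parse(stored)[:3] != (log2_n, r, p)

if __name__ == "__main__":
    for ln in (14, 20):
        print(f"N=2^{ln}, r=8: {memory_bytes(1 << ln, 8) // 2**20} MiB")
    record = hash_password("correct horse battery staple")
    print(record, verify("correct horse battery staple", record))
```

Because verification reads N, r and p back from the record, the defaults can be raised later and old hashes still verify; `needs_rehash` flags them for an upgrade at the next successful login.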
