perl-Crypt-ScryptKDF/README at master · DCIT/perl-Crypt-ScryptKDF · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
NAME
    Crypt::ScryptKDF - Scrypt password based key derivation function

SYNOPSIS
    Creating / verifying scrypt-based password hash:

     use Crypt::ScryptKDF qw(scrypt_hash scrypt_hash_verify);

     my $hash1 = scrypt_hash("secret password");
     # .. later
     die "Invalid password" unless scrypt_hash_verify("secret password", $hash1);

     #or by specifying Scrypt parameters
     my $hash2 = scrypt_hash("secret password", \32, 16384, 8, 1, 32);
     # .. later
     die "Invalid password" unless scrypt_hash_verify("secret password", $hash2);

    Creating raw scrypt-based derived key:

     use Crypt::ScryptKDF qw(scrypt_raw scrypt_hex scrypt_b64);

     my $binary_buffer = scrypt_raw($password, $salt, $N, $r, $p, $len);
     my $hexadecimal_string = scrypt_hex($password, $salt, $N, $r, $p, $len);
     my $base64_string = scrypt_b64($password, $salt, $N, $r, $p, $len);

DESCRIPTION
    Scrypt is a password-based key derivation function (like for example
    PBKDF2). Scrypt was designed to be "memory-hard" algorithm in order to
    make it expensive to perform large scale custom hardware attacks.

    It can be used for:

    *   deriving cryptographic keys from low-entropy password (like PBKDF2)

    *   creating (+validating) password hashes (like PBKDF2 or Bcrypt)

    More details about Scrypt: <http://www.tarsnap.com/scrypt/scrypt.pdf>
    and <https://tools.ietf.org/html/draft-josefsson-scrypt-kdf>

    IMPORTANT: This module needs a cryptographically strong random number
    generator. It tries to use one of the following:

    *   Crypt::PRNG - random_bytes()

    *   Crypt::OpenSSL::Random - random_bytes()

    *   Net::SSLeay - RAND_bytes()

    *   Crypt::Random - makerandom_octet()

    *   Bytes::Random::Secure - random_bytes()

    *   As an unsecure fallback it uses built-in rand()

FUNCTIONS
    *   scrypt_raw

        Derive a key from given "password" and "salt" (+ optional params).

         my $derived_key_raw_bytes = scrypt_raw($password, $salt, $N, $r, $p, $len);
         #or
         my $derived_key_raw_bytes = scrypt_raw($password, $salt);

         #  $password - low-entropy secret (bytes)
         #  $salt - raw octects (bytes) with a salt
         #  $N - CPU/memory cost (has to be power of 2 and >1) DEFAULT: 2^14 = 16384
         #  $r - block size parameter                          DEFAULT: 8
         #  $p - parallelization parameter                     DEFAULT: 1
         #  $len - length of derived key (in bytes)            DEFAULT: 32
         #returns:
         #  $derived_key .. raw bytes of length $len

    *   scrypt_hex

        Similar to scrypt_raw only the return value is encoded as
        hexadecimal value.

         my $derived_key_hex_string = scrypt_hex($password, $salt, $N, $r, $p, $len);
         #or
         my $derived_key_hex_string = scrypt_hex($password, $salt);

    *   scrypt_b64

        Similar to scrypt_raw only the return value is BASE64 encoded.

         my $derived_key_base64_string = scrypt_b64($password, $salt, $N, $r, $p, $len);
         #or
         my $derived_key_base64_string = scrypt_b64($password, $salt);

    *   scrypt_hash

        Create a password hash for given "password".

         my $hash = scrypt_hash($password, $salt, $N, $r, $p, $len);

         #  params same as by scrypt_raw, the $salt can also be a scalar ref with salt
         #  length e.g. $salt=\24 means that salt will be 24 randomly generated bytes
         #returns:
         #  string with password hash (suitable for storing in DB) e.g.
         #  'SCRYPT:16384:8:1:BK8jkrqgm3BEtMh/g+WGL+k8ZeoAo=:YsEnQWld4UK8EqRZ9JuGbQnnlkXaM='

        Some of the parameters are optional:

         # 1 arg variant
         my $hash = scrypt_hash($password); # generate random salt (32 bytes)

         # 2 args variant
         my $hash = scrypt_hash($password, $salt); # use given $salt
         my $hash = scrypt_hash($password, \20);   # generate random salt (20 bytes)

         # 5 args variant
         my $hash = scrypt_hash($password, $N, $r, $p, $len); # random salt (32 bytes)

    *   scrypt_hash_verify

        Verify a password hash created with "scrypt_hash()"

         my $is_valid = scrypt_hash_verify($password, $hash);
         #  $password - password to be verified
         #  $hash - hash previously created via scrypt_hash
         #returns:
         #  1 (ok) or 0 (fail)

    *   random_bytes

        Generate random bytes of given length.

         my $salt = random_bytes($len);
         #  $len - number of random bytes
         #returns:
         #  $len random octets

LICENSE
    This program is free software; you can redistribute it and/or modify it
    under the same terms as Perl itself.

COPYRIGHT
    Copyright (c) 2013-2015 DCIT, a.s. <http://www.dcit.cz> / Karel Miko