diff options
Diffstat (limited to 'system/scrypt/README')
-rw-r--r-- | system/scrypt/README | 40 |
1 files changed, 29 insertions, 11 deletions
diff --git a/system/scrypt/README b/system/scrypt/README index 90be1eb4e0..1e17314d7e 100644 --- a/system/scrypt/README +++ b/system/scrypt/README @@ -1,11 +1,29 @@ -The scrypt key derivation function was originally developed for use in the -Tarsnap online backup system and is designed to be far more secure against -hardware brute-force attacks than alternative functions such as PBKDF2 or -bcrypt. - -This simple password-based encryption utility is available as a demonstration -of the scrypt key derivation function. On modern hardware and with default -parameters, the cost of cracking the password on a file encrypted by scrypt -enc is approximately 100 billion times more than the cost of cracking the same -password on a file encrypted by openssl enc; this means that a five-character -password using scrypt is stronger than a ten-character password using openssl. +The scrypt key derivation function was originally developed for use in +the Tarsnap online backup system and is designed to be far more secure +against hardware brute-force attacks than alternative functions such as +PBKDF2 or bcrypt. + +A simple password-based encryption utility is available as a +demonstration of the scrypt key derivation function. On modern hardware +and with default parameters, the cost of cracking the password on a file +encrypted by scrypt enc is approximately 100 billion times more than the +cost of cracking the same password on a file encrypted by openssl enc; +this means that a five-character password using scrypt is stronger than +a ten-character password using openssl. + +In addition to the scrypt command-line utility, a development library +libscrypt-kdf can be built and installed by setting the LIB environment +variable: LIB=yes ./scrypt.SlackBuild + +Before version 1.3.0 scrypt was able to read both passphrase and input +file from standard input. This stopped to work in 1.3.0. In future +versions it is planned to add an option to read passphrase using a +variety of methods. This SlackBuild can patch scrypt 1.3.0 to add the +option "--passphrase-env", which allows to read the passphrase from an +environment variable. To this end, set the PASS environment variable: +PASS=yes ./scrypt.SlackBuild + +The patch is taken fron the branch +https://github.com/Tarsnap/scrypt/tree/passphrase-environ + +Warning: using this patch is not officially supported by upstream. |