什么是最佳scrypt工作因素? [英] What are optimal scrypt work factors?
问题描述
我使用 Java scrypt库进行密码存储。它需要一个 N , r 和 p 我加密的东西,其文档称为CPU成本,内存成本和并行化成本参数。只有问题是,我实际上不知道他们具体是什么意思,或什么好的价值观是他们;也许它们在某种程度上对应于 Colin Percival的原始应用上的-t,-m和-M开关?
I'm using a Java scrypt library for password storage. It calls for an N, r and p value when I encrypt things, which its documentation refers to as "CPU cost", "memory cost" and "parallelization cost" parameters. Only problem is, I don't actually know what they specifically mean, or what good values would be for them; perhaps they correspond somehow to the -t, -m and -M switches on Colin Percival's original app?
有没有任何建议?图书馆本身列出了N = 16384,r = 8和p = 1,但我不知道这是强还是弱或什么。
Does anyone have any suggestions for this? The library itself lists N = 16384, r = 8 and p = 1, but I don't know if this is strong or weak or what.
推荐答案
作为开始:
cpercival 提到 2009年的幻灯片
- (N = 2 ^ 14,r = 8,p = 1) 100ms(交互使用)和
- (N = 2 ^ 20,r = 8,p = 1) 5s(敏感存储)。
这些值适合一般使用2012-09)。当然,具体细节取决于应用程序。
These values happen to be good enough for general use (password-db for some WebApp) even today (2012-09). Of course, specifics depend on the application.
此外,这些值(大部分)表示:
Also, those values (mostly) mean:
-
N:一般工作因素,迭代次数。 -
r:用于底层哈希的块大小; -
p:并行化因子;调整相对的cpu成本。
N: General work factor, iteration count.r: blocksize in use for underlying hash; fine-tunes the relative memory-cost.p: parallelization factor; fine-tunes the relative cpu-cost.
r $ c> p 意在适应CPU速度和内存大小和带宽不会像预期的那样增加的潜在问题。如果CPU性能提高得更快,你会增加 p ,而应该是内存技术的突破提高了一个数量级,你增加 r 。 N 是在某些时间跨度下保持性能的一般翻倍。
r and p are meant to accommodate for the potential issue that CPU speed and memory size and bandwidth do not increase as anticipated. Should CPU performance increase faster, you increase p, should instead a breakthrough in memory technology provide an order of magnitude improvement, you increase r. And N is there to keep up with the general doubling of performance per some timespan.
重要提示:所有值都会更改结果。 (Updated :)这是所有scrypt参数存储在结果字符串中的原因。
Important: All values change the result. (Updated:) This is the reason why all scrypt parameters are stored in the result string.
这篇关于什么是最佳scrypt工作因素?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
