什么是最佳scrypt工作因素? [英] What are optimal scrypt work factors?
问题描述
我使用 Java scrypt库进行密码存储。它需要一个 N
, r
和 p
我加密的东西,其文档称为CPU成本,内存成本和并行化成本参数。只有问题是,我实际上不知道他们具体是什么意思,或什么好的价值观是他们;也许它们在某种程度上对应于 Colin Percival的原始应用上的-t,-m和-M开关?
I'm using a Java scrypt library for password storage. It calls for an N
, r
and p
value when I encrypt things, which its documentation refers to as "CPU cost", "memory cost" and "parallelization cost" parameters. Only problem is, I don't actually know what they specifically mean, or what good values would be for them; perhaps they correspond somehow to the -t, -m and -M switches on Colin Percival's original app?
有没有任何建议?图书馆本身列出了N = 16384,r = 8和p = 1,但我不知道这是强还是弱或什么。
Does anyone have any suggestions for this? The library itself lists N = 16384, r = 8 and p = 1, but I don't know if this is strong or weak or what.
推荐答案
作为开始:
cpercival 提到 2009年的幻灯片
- (N = 2 ^ 14,r = 8,p = 1) 100ms(交互使用)和
- (N = 2 ^ 20,r = 8,p = 1) 5s(敏感存储)。
这些值适合一般使用2012-09)。当然,具体细节取决于应用程序。
These values happen to be good enough for general use (password-db for some WebApp) even today (2012-09). Of course, specifics depend on the application.
此外,这些值(大部分)表示:
Also, those values (mostly) mean:
-
N
:一般工作因素,迭代次数。 -
r
:用于底层哈希的块大小; -
p
:并行化因子;调整相对的cpu成本。
N
: General work factor, iteration count.r
: blocksize in use for underlying hash; fine-tunes the relative memory-cost.p
: parallelization factor; fine-tunes the relative cpu-cost.
r
$ c> p 意在适应CPU速度和内存大小和带宽不会像预期的那样增加的潜在问题。如果CPU性能提高得更快,你会增加 p
,而应该是内存技术的突破提高了一个数量级,你增加 r
。 N
是在某些时间跨度下保持性能的一般翻倍。
r
and p
are meant to accommodate for the potential issue that CPU speed and memory size and bandwidth do not increase as anticipated. Should CPU performance increase faster, you increase p
, should instead a breakthrough in memory technology provide an order of magnitude improvement, you increase r
. And N
is there to keep up with the general doubling of performance per some timespan.
重要提示:所有值都会更改结果。 (Updated :)这是所有scrypt参数存储在结果字符串中的原因。
Important: All values change the result. (Updated:) This is the reason why all scrypt parameters are stored in the result string.
这篇关于什么是最佳scrypt工作因素?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!