dchest / scrypt-async-js

Fast "async" scrypt implementation in JavaScript
http://dchest.github.io/scrypt-async-js/
BSD 2-Clause "Simplified" License
140 stars 26 forks

What do you suggest for N and r for a secure password hash (preferably less than ~5 secs)? #23

thinkloop closed 8 years ago

dchest commented 8 years ago

Fix at r = 8. Now, your goal is to consume as much memory as possible within a reasonable time. Total consumed memory is calculated as 2^logN * r * 128.

Assume minimum logN is 13 (for 8 MiB. Don't ever go lower than 4 MiB).

Estimate how much maximum memory you can consume, e.g. if passwords will be derived on low-RAM smartphones, you probably don't want scrypt to take more than, say, 256 MB (logN = 18). If the target device is an average laptop, probably 1 GB would be okay (logN = 20).

Go to this page on an average target device: http://dchest.github.io/scrypt-async-js/demo.html, set interruptStep to 0 and begin incrementing logN until you reach your target maximum, pressing "Calculate" to check the timing. Settle on what's reasonable.

thinkloop commented 8 years ago

Amazing advice, thank you!

Btw the lib works great, the performance is fantastic and there is zero browser lockup, very well done! Starred.

dchest commented 8 years ago

Thank you for your kind words!