NAME Crypt::ScryptKDF - Scrypt password based key derivation function SYNOPSIS Creating / verifying scrypt-based password hash: use Crypt::ScryptKDF qw(scrypt_hash scrypt_hash_verify); my $hash1 = scrypt_hash("secret password"); # .. later die "Invalid password" unless scrypt_hash_verify("secret password", $hash1); #or by specifying Scrypt parameters my $hash2 = scrypt_hash("secret password", \32, 16384, 8, 1, 32); # .. later die "Invalid password" unless scrypt_hash_verify("secret password", $hash2); Creating raw scrypt-based derived key: use Crypt::ScryptKDF qw(scrypt_raw scrypt_hex scrypt_b64); my $binary_buffer = scrypt_raw($password, $salt, $N, $r, $p, $len); my $hexadecimal_string = scrypt_hex($password, $salt, $N, $r, $p, $len); my $base64_string = scrypt_b64($password, $salt, $N, $r, $p, $len); DESCRIPTION Scrypt is a password-based key derivation function (like for example PBKDF2). Scrypt was designed to be "memory-hard" algorithm in order to make it expensive to perform large scale custom hardware attacks. It can be used for: * deriving cryptographic keys from low-entropy password (like PBKDF2) * creating (+validating) password hashes (like PBKDF2 or Bcrypt) More details about Scrypt: http://www.tarsnap.com/scrypt/scrypt.pdf and https://tools.ietf.org/html/draft-josefsson-scrypt-kdf IMPORTANT: This module needs a cryptographically strong random number generator. It tries to use one of the following: * Crypt::PRNG - random_bytes() * Crypt::OpenSSL::Random - random_bytes() * Net::SSLeay - RAND_bytes() * Crypt::Random - makerandom_octet() * Bytes::Random::Secure - random_bytes() * If none of the modules above is installed, this module fails (since v0.011). FUNCTIONS * scrypt_raw Derive a key from given password and salt (+ optional params). my $derived_key_raw_bytes = scrypt_raw($password, $salt, $N, $r, $p, $len); #or my $derived_key_raw_bytes = scrypt_raw($password, $salt); # $password - low-entropy secret (bytes) # $salt - raw octects (bytes) with a salt # $N - CPU/memory cost (has to be power of 2 and >1) DEFAULT: 2^14 = 16384 # $r - block size parameter DEFAULT: 8 # $p - parallelization parameter DEFAULT: 1 # $len - length of derived key (in bytes) DEFAULT: 32 #returns: # $derived_key .. raw bytes of length $len * scrypt_hex Similar to scrypt_raw only the return value is encoded as hexadecimal value. my $derived_key_hex_string = scrypt_hex($password, $salt, $N, $r, $p, $len); #or my $derived_key_hex_string = scrypt_hex($password, $salt); * scrypt_b64 Similar to scrypt_raw only the return value is BASE64 encoded. my $derived_key_base64_string = scrypt_b64($password, $salt, $N, $r, $p, $len); #or my $derived_key_base64_string = scrypt_b64($password, $salt); * scrypt_hash Create a password hash for given password. my $hash = scrypt_hash($password, $salt, $N, $r, $p, $len); # params same as by scrypt_raw, the $salt can also be a scalar ref with salt # length e.g. $salt=\24 means that salt will be 24 randomly generated bytes #returns: # string with password hash (suitable for storing in DB) e.g. # 'SCRYPT:16384:8:1:BK8jkrqgm3BEtMh/g+WGL+k8ZeoAo=:YsEnQWld4UK8EqRZ9JuGbQnnlkXaM=' Some of the parameters are optional: # 1 arg variant my $hash = scrypt_hash($password); # generate random salt (32 bytes) # 2 args variant my $hash = scrypt_hash($password, $salt); # use given $salt my $hash = scrypt_hash($password, \20); # generate random salt (20 bytes) # 5 args variant my $hash = scrypt_hash($password, $N, $r, $p, $len); # random salt (32 bytes) * scrypt_hash_verify Verify a password hash created with scrypt_hash() my $is_valid = scrypt_hash_verify($password, $hash); # $password - password to be verified # $hash - hash previously created via scrypt_hash #returns: # 1 (ok) or 0 (fail) * random_bytes Generate random bytes of given length. my $salt = random_bytes($len); # $len - number of random bytes #returns: # $len random octets LICENSE This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. COPYRIGHT Copyright (c) 2013-2026 DCIT, a.s. https://www.dcit.cz / Karel Miko