sCrypt: A Sequential Memory-Hard Crypto Algorithm

An unofficial logo.Tarsnap’s page on sCrypt explains it all. How do you keep your cryptography keys safe (and yet, easy to create from a password) from an attacker who has lots of money to throw at hardware?  Better still, what if you wish to create a crypto-currency that couldn’t be farmed by its enthusiasts so easily with the purchase of a few high-end graphics cards for their GPUs? sCrypt is there as well. This is most definitely not fast encryption, encrypting a short file with just a single-letter password (which I totally do NOT recommend) takes almost 7-seconds of clock-time and almost 4-seconds of CPU time.  If you did nothing but a 9-character base58 passwords you’re looking at 16.4-million centuries of clock time with one computer. Add another character and it’s 956 million-centuries… keep adding characters to your password for your given level of paranoia.  It’s not that it takes a long time to process a password, it also takes a lot of memory to do so at the same time.  Certainly you can add lots and lots of processors in the form of ASICs but the more RAM required, the more expensive the ASICs become. The nature of the algorithms makes it unlikely that any attacker can pre-compute rainbow tables for all possible passwords.

This is what you should probably be storing the keys-for-your-keys in if you’re storing keys in applications like loop-AES or GNU Privacy Guard.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s