This article took part in the "Digitalstar Project", won a creative gift package, and is competing for the creative incentive bonus.


Introduction

To resist password cracking, cryptographers have come up with a variety of countermeasures, such as salting passwords, iterating the hash many times and chaining several hash functions together. But these schemes are increasingly being beaten by specialised ASICs that do nothing except compute one hash function at enormous rates, which is exactly what a brute-force attacker needs.

The best-known example is Bitcoin, whose proof-of-work (PoW) scheme is built on SHA-256 and rewards whoever has the most hashing power. This has led to the production of huge numbers of single-purpose mining machines that can do nothing except compute that one hash, and a great deal of electricity is wasted as a result.

If you try to mine with an ordinary PC, your chances of finding a block are about the same as being hit by a meteorite.

To resist this kind of hardware-accelerated guessing, cryptographers have invented algorithms that require a large amount of memory as well as CPU time. Memory bandwidth and capacity cannot be scaled up as cheaply as raw hashing throughput, so such memory-hard functions limit how much parallel brute force an attacker can afford. The scrypt algorithm discussed today is one of them; it has been adopted in the mining systems of several newer cryptocurrencies to make their mining process fairer, or at least to appear so.

Scrypt algorithm

Scrypt is a password-based key derivation function (KDF) created by Colin Percival, originally in 2009 for the Tarsnap backup service. Deriving a key with scrypt deliberately requires a large amount of memory. Scrypt was published as RFC 7914 in 2016.

The purpose of a password-based KDF is to derive one or more cryptographic keys from an initial master password. Such functions are designed to resist brute-force attacks: by making each derivation deliberately expensive, they make every guess the attacker has to try correspondingly expensive.

However, for the reasons given above, earlier password-based KDFs such as PBKDF2 raise the cost per guess only by increasing the iteration count, and they use very little memory. An attacker can therefore run them cheaply and massively in parallel on GPUs or a simple ASIC. Scrypt was designed to solve this problem.

Scrypt algorithm in detail

Scrypt generates a very large vector of pseudorandom blocks that is later read back in a data-dependent, pseudorandom order during key generation, so the whole vector has to be kept in RAM. That is why the scrypt algorithm requires a lot of memory: with cost parameter N and block size factor r the working set is 128 * r * N bytes (16 MiB for N = 2^14 and r = 8).

Next, we analyze the SCrypt algorithm in detail. The standard SCrypt algorithm requires the input of eight parameters, as shown below:

  • Passphrase: The input password to be hashed
  • Salt: Salt for password protection against rainbow table attacks
  • CostFactor (N): CPU/memory cost parameter, which must be an exponent of 2 (e.g., 1024)
  • BlockSizeFactor (r): the blocksize parameter
  • ParallelizationFactor (P): Parallel parameter
  • DesiredKeyLen (dkLen): The length of the output derived key
  • HLen: output length of the hash function
  • MFlen: Output length of the Mix function

The output of this function is DerivedKey.

First we need to build an "expensive salt". Start by computing the block size in bytes:

    blockSize = 128 * BlockSizeFactor

Then use PBKDF2 with a single iteration to expand the passphrase and salt into p blocks of that size, and split the output into an array (the user-supplied salt enters the computation only here):

    [B0 ... Bp−1] = PBKDF2-HMAC-SHA256(Passphrase, Salt, 1, blockSize * ParallelizationFactor)

Mix each block with ROMix. The p invocations are independent of one another, which is what the parallelisation factor buys:

    for i ← 0 to p−1 do
        Bi ← ROMix(Bi, CostFactor)

Concatenate the mixed blocks into the new expensive salt:

    expensiveSalt ← B0 ∥ B1 ∥ B2 ∥ ... ∥ Bp−1

Finally, run PBKDF2 once more, with the expensive salt, to produce a derived key of the requested length:

    return PBKDF2-HMAC-SHA256(Passphrase, expensiveSalt, 1, DesiredKeyLen)

Here is the pseudocode for the ROMix function. It computes N successive BlockMix outputs and stores all of them in the vector V, then walks that vector N more times in a data-dependent order. Because each index j depends on the current value of X, an implementation cannot know in advance which entries will be needed and must keep the whole vector in memory (or recompute entries, trading time for memory):

    Function ROMix(Block, Iterations)
        Create a vector V with room for Iterations copies of X
        X ← Block
        for i ← 0 to Iterations−1 do
            Vi ← X
            X ← BlockMix(X)
        for i ← 0 to Iterations−1 do
            j ← Integerify(X) mod Iterations
            X ← BlockMix(X xor Vj)
        return X

Integerify(X) interprets the last 64-byte chunk of X as a little-endian integer; since Iterations is a power of 2, only its low bits matter.

The pseudocode of BlockMix is as follows. It runs the 64-byte chunks of the block through Salsa20/8 in a chain, so every output chunk depends on all earlier ones, and then interleaves the results so that even- and odd-indexed outputs are separated:

    Function BlockMix(B):
        The block B consists of r 128-byte chunks (equivalently 2r 64-byte chunks)
        r ← Length(B) / 128
        Treat B as an array of 2r 64-byte chunks
        [B0 ... B2r−1] ← B
        X ← B2r−1
        for i ← 0 to 2r−1 do
            X ← Salsa20/8(X xor Bi)    // Salsa20/8 maps 64 bytes to 64 bytes
            Yi ← X
        return Y0 ∥ Y2 ∥ ... ∥ Y2r−2 ∥ Y1 ∥ Y3 ∥ ... ∥ Y2r−1
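To make the parameter list, the derivation steps and the ROMix/BlockMix pseudocode above concrete, here is the whole construction written out in Python. This is an added example, not the article's own code and not a reference implementation; it follows RFC 7914 (Salsa20/8 core, BlockMix, ROMix, then the two PBKDF2 passes, with PBKDF2 taken from the standard library) and verifies itself against the smallest RFC 7914 test vector and, where the interpreter's OpenSSL provides it, against hashlib.scrypt. The Litecoin-style call at the bottom uses a constructed placeholder header, not real chain data.

```python
"""scrypt built step by step from the pseudocode: Salsa20/8, BlockMix, ROMix,
then PBKDF2 -> ROMix -> PBKDF2. Added illustration following RFC 7914; not a
reference implementation and far too slow for production use."""
import hashlib
import struct

MASK32 = 0xFFFFFFFF

# Salsa20 quarter-round index groups: four down the columns, then four along
# the rows of the 4x4 word state. Applying all eight once is one double round.
_QUARTER_ROUNDS = (
    (0, 4, 8, 12), (5, 9, 13, 1), (10, 14, 2, 6), (15, 3, 7, 11),
    (0, 1, 2, 3), (5, 6, 7, 4), (10, 11, 8, 9), (15, 12, 13, 14),
)


def _rotl32(v, n):
    v &= MASK32
    return ((v << n) | (v >> (32 - n))) & MASK32


def xor_bytes(a, b):
    """XOR two equal-length byte strings."""
    return (int.from_bytes(a, "little") ^ int.from_bytes(b, "little")).to_bytes(len(a), "little")


def salsa20_8(block):
    """Salsa20/8 core: 64 bytes in, 64 bytes out (8 rounds = 4 double rounds)."""
    inp = struct.unpack("<16I", block)
    x = list(inp)
    for _ in range(4):
        for a, b, c, d in _QUARTER_ROUNDS:
            x[b] ^= _rotl32(x[a] + x[d], 7)
            x[c] ^= _rotl32(x[b] + x[a], 9)
            x[d] ^= _rotl32(x[c] + x[b], 13)
            x[a] ^= _rotl32(x[d] + x[c], 18)
    # The core finishes by adding the original input words back in.
    return struct.pack("<16I", *((xi + ii) & MASK32 for xi, ii in zip(x, inp)))


def block_mix(B, r):
    """BlockMix: 2r chained Salsa20/8 calls, outputs returned evens first, then odds."""
    chunks = [B[i * 64:(i + 1) * 64] for i in range(2 * r)]
    X = chunks[-1]                      # X <- B[2r-1]
    Y = []
    for chunk in chunks:
        X = salsa20_8(xor_bytes(X, chunk))
        Y.append(X)
    return b"".join(Y[0::2] + Y[1::2])


def ro_mix(B, N, r):
    """ROMix: fill V with N BlockMix outputs, then read V back N times in a
    data-dependent order. V is the 128*r*N-byte working set that makes scrypt
    memory-hard."""
    X = B
    V = []
    for _ in range(N):
        V.append(X)
        X = block_mix(X, r)
    for _ in range(N):
        j = int.from_bytes(X[-64:], "little") % N   # Integerify(X) mod N
        X = block_mix(xor_bytes(X, V[j]), r)
    return X


def memory_bytes(N, r):
    """Size of ROMix's working set V for one of the p independent blocks."""
    return 128 * r * N


def scrypt(passphrase, salt, N, r, p, dk_len):
    """scrypt(P, S, N, r, p, dkLen) as laid out in RFC 7914 section 6."""
    if N < 2 or N & (N - 1):
        raise ValueError("N must be a power of 2 greater than 1")
    if r * p >= 1 << 30:
        raise ValueError("r * p must be less than 2^30")
    block_size = 128 * r
    # Step 1: one PBKDF2 iteration expands passphrase + salt into p blocks.
    B = hashlib.pbkdf2_hmac("sha256", passphrase, salt, 1, p * block_size)
    # Step 2: mix every block independently (these p calls could run in parallel).
    expensive_salt = b"".join(
        ro_mix(B[i * block_size:(i + 1) * block_size], N, r) for i in range(p)
    )
    # Step 3: a final PBKDF2 pass with the expensive salt yields the derived key.
    return hashlib.pbkdf2_hmac("sha256", passphrase, expensive_salt, 1, dk_len)


def cross_check(passphrase, salt, N, r, p, dk_len):
    """Compare with the OpenSSL-backed hashlib.scrypt when the interpreter has it;
    returns None if it does not."""
    if not hasattr(hashlib, "scrypt"):
        return None
    ref = hashlib.scrypt(passphrase, salt=salt, n=N, r=r, p=p, dklen=dk_len)
    return ref == scrypt(passphrase, salt, N, r, p, dk_len)


if __name__ == "__main__":
    # RFC 7914 section 12 test vector with the smallest parameters.
    print(scrypt(b"", b"", 16, 1, 1, 64).hex())
    # Litecoin-style parameters (N=1024, r=1, p=1, 32-byte output, header used as
    # both passphrase and salt). The header here is a constructed placeholder.
    header = b"constructed 80-byte header placeholder".ljust(80, b"\0")
    print(scrypt(header, header, 1024, 1, 1, 32).hex())
    print("working set for N=2^14, r=8:", memory_bytes(1 << 14, 8) // (1 << 20), "MiB")
```

Running the script prints the RFC vector for scrypt("", "", 16, 1, 1, 64), which should begin 77d65762. The pure-Python code is only meant to be read; with N = 1024 and r = 1 it already performs 4096 Salsa20/8 calls, and with the r = 8, p = 16 vector from the RFC it would take minutes, which is itself a small demonstration of the cost the parameters impose.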

Uses of scrypt

Scrypt is used as the proof-of-work hash in several newer cryptocurrencies, such as Tenebrix, Litecoin and Dogecoin. Readers who are interested can look into them. One caveat: Litecoin runs scrypt with N = 1024, r = 1 and p = 1, a working set of only 128 KiB, which is small enough that dedicated scrypt ASICs were eventually built for it. The memory-hardness argument only holds when the parameters are chosen large enough to exceed what cheap special-purpose hardware can hold on-chip.

This article is available at www.flydean.com/42-scrypt/


You are welcome to follow my WeChat official account, "程序那些事" (Those Things About Programming): it understands technology, and it understands you.