Nick Galbreath <[email protected]> writes: > Hi team-scrypt! > > I'll read the spec more carefully once I'm back home, but quickly... > > Is there a spec for the crypt function/command line format? Oddly the > best spec I've seen is the PHP function by the same name. > > http://php.net/manual/en/function.crypt.php > > FreeBSD has some details as well > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/crypt.html > > and Ulrich Drepper's crypt sha-256/sha-512 impl: > http://www.akkadia.org/drepper/SHA-crypt.txt > > Ideally I'd like a crypt-like format e.g. such as $7$... that > represents scrypt with related parameters. Given that Ulrich Drepper > just wrote a txt file, and didn't appear to submit to an official > standards body, I suspect that there is no standard.
That is right, I don't think there is any standard, just well established practice. > Any tips here, or possibility of adding an appendix to this spec > documenting a crypt-style format? Or is this done, and I'm just not > seeing it? I agree it should be done, but I'm not convinced it should be done in this document -- a scrypt-based crypt is not implemented today and would be experimental, and that will set back the review process of the draft. Granted, the ASN.1 parts or not implemented either, but I suspect that more easily will fly under the radar. We could start it as a parallel effort though. Would you like to help work on this? I started a document here: https://www.gitorious.org/scrypt/scrypt/blobs/master/unix-scrypt.txt I think we need implementation experience to move forward, I don't see much more that is needed in a crypt spec for scrypt. Maybe some default parameter suggestions. /Simon > thanks > > Nick Galbreath > nickg > > > > > > > > > > On Mon, Sep 17, 2012 at 8:18 PM, Colin Percival <[email protected]> wrote: >> Hi all, >> >> In case anyone here is interested in standards processes, you should be >> aware that Simon Josefsson has written up scrypt as an Internet Draft >> which will hopefully end up turning into an RFC: >> http://tools.ietf.org/html/draft-josefsson-scrypt-kdf-00 >> >> -- >> Colin Percival >> Security Officer Emeritus, FreeBSD | The power to serve >> Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
