Class: Authlogic::CryptoProviders::SCrypt
- Inherits: Object
  - Object
    - Authlogic::CryptoProviders::SCrypt
- Defined in: lib/authlogic/crypto_providers/scrypt.rb
Overview
If you want a stronger hashing algorithm, but would prefer not to use BCrypt, SCrypt is another option. SCrypt is newer and less popular (and so less tested), but it is designed specifically to avoid a theoretical hardware attack against BCrypt. Just as with BCrypt, you are sacrificing performance relative to SHA2 algorithms, but the increased security may well be worth it. (That performance sacrifice is the exact reason it's much, much harder for an attacker to brute-force your passwords.) Decided SCrypt is for you? Just install the scrypt gem:
gem install scrypt
Tell acts_as_authentic to use it:
acts_as_authentic do |c|
  c.crypto_provider = Authlogic::CryptoProviders::SCrypt
end
Constant Summary
- DEFAULTS =
{:key_len => 32, :salt_size => 8, :max_time => 0.2, :max_mem => 1024 * 1024, :max_memfrac => 0.5}
Class Attribute Summary
- + (Object) key_len
  Key length - length in bytes of generated key, from 16 to 512.
- + (Object) max_mem
  Max memory - maximum memory usage.
- + (Object) max_memfrac
  Max memory fraction - maximum memory out of all available.
- + (Object) max_time
  Max time - maximum time spent in computation.
- + (Object) salt_size
  Salt size - size in bytes of random salt, from 8 to 32.
Class Method Summary
- + (Object) encrypt(*tokens)
  Creates an SCrypt hash for the password passed.
- + (Boolean) matches?(hash, *tokens)
  Does the hash match the tokens? Uses the same tokens that were used to encrypt.
Class Attribute Details
+ (Object) key_len
Key length - length in bytes of generated key, from 16 to 512.
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 29
def key_len
  @key_len ||= DEFAULTS[:key_len]
end
+ (Object) max_mem
Max memory - maximum memory usage. The minimum is always 1MB.
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 44
def max_mem
  @max_mem ||= DEFAULTS[:max_mem]
end
+ (Object) max_memfrac
Max memory fraction - maximum memory out of all available. Always greater than zero and <= 0.5.
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 49
def max_memfrac
  @max_memfrac ||= DEFAULTS[:max_memfrac]
end
+ (Object) max_time
Max time - maximum time spent in computation.
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 39
def max_time
  @max_time ||= DEFAULTS[:max_time]
end
+ (Object) salt_size
Salt size - size in bytes of random salt, from 8 to 32.
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 34
def salt_size
  @salt_size ||= DEFAULTS[:salt_size]
end
Class Method Details
+ (Object) encrypt(*tokens)
Creates an SCrypt hash for the password passed.
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 54
def encrypt(*tokens)
  ::SCrypt::Password.create(
    join_tokens(tokens),
    :key_len => key_len,
    :salt_size => salt_size,
    :max_mem => max_mem,
    :max_memfrac => max_memfrac,
    :max_time => max_time
  )
end
+ (Boolean) matches?(hash, *tokens)
Does the hash match the tokens? Uses the same tokens that were used to encrypt.
# File 'lib/authlogic/crypto_providers/scrypt.rb', line 59
def matches?(hash, *tokens)
  hash = new_from_hash(hash)
  return false if hash.blank?
  hash == join_tokens(tokens)
end
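An added example, not Authlogic's or the scrypt gem's code: a stand-in with the same encrypt / matches? interface, built on Ruby's bundled OpenSSL::KDF.scrypt, showing how a random salt, the key length and the cost parameters travel with the stored value and how a blank or malformed value is rejected. The module name, the fixed cost values, the storage format and the token-joining rule are assumptions made for this example.

```ruby
require "openssl"
require "securerandom"

# Hypothetical stand-in with the provider's interface, built on Ruby's bundled
# OpenSSL rather than the scrypt gem, so it runs without extra gems.
module DemoScryptProvider
  KEY_LEN   = 32  # page default; documented range is 16..512 bytes
  SALT_SIZE = 8   # page default; documented range is 8..32 bytes
  # Assumed fixed cost; the provider on this page passes max_time/max_mem/max_memfrac instead.
  COST   = { N: 2**12, r: 8, p: 1 }.freeze
  # Constructed storage format for this example: N$r$p$salt_hex$key_hex
  FORMAT = /\A(\d+)\$(\d+)\$(\d+)\$(\h+)\$(\h+)\z/

  module_function

  # Assumption: tokens (password, per-user salt, ...) are concatenated in order.
  def join_tokens(tokens)
    tokens.flatten.join
  end

  def encrypt(*tokens, key_len: KEY_LEN, salt_size: SALT_SIZE)
    raise ArgumentError, "key_len must be 16..512" unless (16..512).cover?(key_len)
    raise ArgumentError, "salt_size must be 8..32" unless (8..32).cover?(salt_size)
    salt = SecureRandom.random_bytes(salt_size) # fresh random salt per hash
    key  = OpenSSL::KDF.scrypt(join_tokens(tokens), salt: salt, length: key_len, **COST)
    [*COST.values, salt.unpack1("H*"), key.unpack1("H*")].join("$")
  end

  def matches?(hash, *tokens)
    m = FORMAT.match(hash.to_s)
    return false unless m # blank or malformed stored value never matches
    n, r, par = m[1].to_i, m[2].to_i, m[3].to_i
    salt, expected = [m[4]].pack("H*"), [m[5]].pack("H*")
    # Re-derive with the stored salt and cost, then compare in constant time.
    actual = OpenSSL::KDF.scrypt(join_tokens(tokens), salt: salt, N: n, r: r, p: par,
                                 length: expected.bytesize)
    secure_eq(actual, expected)
  rescue OpenSSL::KDF::KDFError, RangeError
    false # stored cost parameters rejected by OpenSSL
  end

  def secure_eq(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end
```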