Class SCryptPasswordEncoder

java.lang.Object
org.springframework.security.crypto.password.AbstractValidatingPasswordEncoder
org.springframework.security.crypto.scrypt.SCryptPasswordEncoder
All Implemented Interfaces:
PasswordEncoder

public class SCryptPasswordEncoder extends AbstractValidatingPasswordEncoder

Implementation of PasswordEncoder that uses the SCrypt hashing function. Clients can optionally supply a cpu cost parameter, a memory cost parameter and a parallelization parameter.

A few warnings:

  • The current implementation uses Bouncy Castle, which does not exploit the parallelism/optimizations that password crackers will, so there is an unnecessary asymmetry between attacker and defender.
  • Scrypt is based on Salsa20, which performs poorly in Java (on par with AES) but performs far better (~4-5x faster) on SIMD-capable platforms.
  • While some would disagree, consider reading "Why I Don't Recommend Scrypt (for password storage)".
Constructor Details

  SCryptPasswordEncoder

    public SCryptPasswordEncoder(int cpuCost, int memoryCost, int parallelization, int keyLength, int saltLength)

    Constructs an SCrypt password encoder with the provided parameters.

    Parameters:
    cpuCost - CPU cost of the algorithm (as defined in scrypt this is N). Must be a power of 2 greater than 1. The default is currently 65,536 (2^16).
    memoryCost - memory cost of the algorithm (as defined in scrypt this is r). The default is currently 8.
    parallelization - the parallelization of the algorithm (as defined in scrypt this is p). The default is currently 1. Note that the implementation does not currently take advantage of parallelization.
    keyLength - key length for the algorithm (as defined in scrypt this is dkLen). The default is currently 32.
    saltLength - salt length (as defined in scrypt this is the length of S). The default is currently 16.
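The following is an added example, not code from the Javadoc or the Spring Security project, showing how the five constructor parameters are used in practice: the encoder is built with the documented defaults (N=2^16, r=8, p=1, dkLen=32, salt=16), a constructed sample password is hashed and verified, and upgradeEncoding() is used to detect a hash produced with a weaker, hypothetical legacy configuration (N=2^14, chosen here for illustration only). It assumes spring-security-crypto and its Bouncy Castle dependency are on the classpath.

```java
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;

public class ScryptParameterDemo {

    // Parameters from the constructor documentation: N=2^16, r=8, p=1,
    // dkLen=32 bytes, salt=16 bytes (the documented defaults).
    static SCryptPasswordEncoder currentEncoder() {
        return new SCryptPasswordEncoder(65_536, 8, 1, 32, 16);
    }

    // Hypothetical weaker configuration (N=2^14) standing in for hashes an
    // older deployment might have stored; constructed for this example only.
    static SCryptPasswordEncoder legacyEncoder() {
        return new SCryptPasswordEncoder(16_384, 8, 1, 32, 16);
    }

    public static void main(String[] args) {
        SCryptPasswordEncoder encoder = currentEncoder();
        String password = "correct horse battery staple"; // constructed sample

        // Each encode() draws a fresh random salt, so two hashes of the same
        // password differ while both still verify against it.
        String hash1 = encoder.encode(password);
        String hash2 = encoder.encode(password);
        System.out.println("hashes differ:       " + !hash1.equals(hash2));
        System.out.println("matches (correct):   " + encoder.matches(password, hash1));
        System.out.println("matches (wrong):     " + encoder.matches("wrong password", hash1));

        // The encoded form carries N, r and p, so a hash made with weaker
        // parameters can be detected and rehashed at the next successful login.
        String legacyHash = legacyEncoder().encode(password);
        System.out.println("legacy hash needs upgrade:  " + encoder.upgradeEncoding(legacyHash));
        System.out.println("current hash needs upgrade: " + encoder.upgradeEncoding(hash1));

        // cpuCost must be a power of 2 greater than 1; a value such as 1000 is
        // rejected with an IllegalArgumentException when the hash is computed.
        try {
            new SCryptPasswordEncoder(1000, 8, 1, 32, 16).encode(password);
        } catch (IllegalArgumentException ex) {
            System.out.println("rejected cpuCost=1000: " + ex.getMessage());
        }
    }
}
```

The upgradeEncoding() call is the part worth wiring into a login flow: because the stored string embeds the cost parameters, raising N later does not invalidate existing hashes, and each user's hash can be regenerated the next time their password is verified.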
Method Details