55

I've read about scrypt and some of its advantages over the bcrypt hashing algorithm in certain circumstances.

Anyhow, it seems scrypt isn't as widely used yet. Has anyone seen so far a .NET implementation of it (favored in C#)?

wallyk
  • 56,922
  • 16
  • 83
  • 148
Martin Buberl
  • 45,844
  • 25
  • 100
  • 144
  • Found the link to the [original paper](http://www.bsdcan.org/2009/schedule/attachments/87_scrypt.pdf) (a few links removed from the one you posted) – Cameron Jan 30 '11 at 22:30
  • 8
    I'm not sure how much scrypt was reviewed by good cryptographers. And review is very important before you trust crypto. – CodesInChaos Jan 30 '11 at 22:36
  • @Cameron: Isn't that the same PDF the Tarsnap site referes to: http://www.tarsnap.com/scrypt/scrypt.pdf ? – Martin Buberl Jan 30 '11 at 22:38
  • 4
    Personally I think the development of KDFs which are hard to brute-force with specialized hardware is important. Not sure why there is so little discussion of such functions. The benign user typically has one strong general purpose processor and lots of RAM, whereas for the attacker performance per logical gate counts. And most hash functions are very cheap to implement in hardware. – CodesInChaos Jan 30 '11 at 22:40
  • @CodeInChaos: I agree! I don't want to use it in a productive environment. But I'd like to play around with it and research if it could be an alternate to use somehow in the future. – Martin Buberl Jan 30 '11 at 22:42
  • @Martin: So it is! I didn't see that one ;-) – Cameron Jan 30 '11 at 23:22

3 Answers3

54

Finally I found an implementation of scrypt in C# in the CryptSharp library.
The library is open source and uses the ISC license.

Version History

1.2.0 January 23, 2011:
The SCrypt KDF is now supported as CryptSharp.Utility.SCrypt.
Added djb's Salsa20, required by SCrypt.

Community
  • 1
  • 1
Martin Buberl
  • 45,844
  • 25
  • 100
  • 144
21

In case, like me, you came to this question via a quick google (came up as the top link) you can now download SCrypt as a Nuget package into your project.

PM> Install-Package Scrypt.NET

Use as follows:

ScryptEncoder encoder = new ScryptEncoder();
string hashsedPassword = encoder.Encode("mypassword");

and comparing

ScryptEncoder encoder = new ScryptEncoder();
bool areEquals = encoder.Compare("mypassword", hashedPassword);

Github link here

VictorySaber
  • 3,084
  • 1
  • 27
  • 45
19

There's a new implementation of SCrypt for .NET here: https://github.com/replicon/Replicon.Cryptography.SCrypt

Unlike CryptoSharp, which is a great library, this one is implemented as a packaged wrapper around a native library. This allows it to use native-level instructions (like SSE2) to improve the performance of the implementation quite a bit.

The downside is that it has to contain native compiled assemblies, detect the right one to use, unpackage it, and then load it. That means it's not ideal for all environments, but it works great where it works.

mfenniak
  • 481
  • 3
  • 4
  • I'd rather keep the native dlls in the same directory as the assembly instead of unpacking them on demand. – CodesInChaos Dec 01 '12 at 10:35
  • 44
    Martin: Sure, the whole point of scrypt is that even when it's implemented ideally, it's not performant. But, you don't want to use a library that performs ten times slower than the implementation that a brute-force attacker is going to use. That will cause you to use tuning parameters that appear strong, but are actually far weaker than you expect. – mfenniak Dec 15 '12 at 23:25