argon2rs
| Crates.io | argon2rs |
| lib.rs | argon2rs |
| version | 0.2.5 |
| source | src |
| created_at | 2016-02-01 08:16:24.632972 |
| updated_at | 2016-08-20 03:40:43.435883 |
| description | The pure Rust password hashing library that runs on Argon2. |
| homepage | |
| repository | https://github.com/bryant/argon2rs |
| max_upload_size | |
| id | 4044 |
| size | 914,751 |
bry (bryant)
documentation
README
argon2rs
This is a purely Rust-based library that provides both variants of the state-of-the-art Argon2 hashing algorithm, suitable for password hashing and password-based key derivation.
Installation
Via cargo:
$ cd $PROJECT_ROOT
$ cargo install --features "simd"
From git:
$ git clone https://github.com/bryant/argon2rs $ARGON_DIR && cd $ARGON_DIR
$ cargo build --features "simd"
Usage
From examples/helloworld.rs:
extern crate argon2rs;
pub fn main() {
let (password, salt) = ("argon2i!", "delicious salt");
println!("argon2i(\"argon2i\", \"delicious\"):");
for byte in argon2rs::simple2i(&password, &salt).iter() {
print!("{:02x}", byte);
}
println!("");
}
outputs:
argon2i("argon2i", "delicious"):
e254b28d820f26706a19309f1888cefd5d48d91384f35dc2e3fe75c3a8f665a6
There are two variants of Argon2 that differ in the manner by which reference indices are computed during block-filling rounds. Argon2d does this in a faster but data-dependent fashion that could be vulnerable to side-channel attacks, whereas Argon2i ("i" denoting independence from plaintext input) works slower but is immune to such attacks and is therefore the preferred choice for password hashing.
TODO
- Parallelize.
- Incorporate SIMD into compression function.
- Zero-on-drop trait for sensitive(s):
Matrix - Constant-time verification API.
- Benchmarks.
- Support NEON and SIMD on other arches.
- Fuzz.
LICENSE
MIT.
Benchmarks
Our primary benchmarks are single- and multi-threaded runs of Argon2i with default parameters against the reference implementation. In order to compile and run this, first pull in the C sources:
$ git submodule init
$ git submodule update benches/cargon/phc-winner-argon2
and then benchmark with Cargo as usual:
$ rustc --version
rustc 1.11.0-dev (4b240fe96 2016-06-08)
$ export RUSTFLAGS='-C target-feature=+avx'
$ cargo bench --features=simd
# output trimmed for brevity
Running target/release/versus_cargon-b5955411e1594c85
running 5 tests
test ensure_identical_hashes ... ignored
test bench_argon2rs_i ... bench: 9,547,031 ns/iter (+/- 15,964)
test bench_argon2rs_threaded ... bench: 4,584,163 ns/iter (+/- 398,803)
test bench_cargon_i ... bench: 10,013,015 ns/iter (+/- 177,482)
test bench_cargon_threaded ... bench: 3,753,022 ns/iter (+/- 48,688)
test result: ok. 0 passed; 0 failed; 0 ignored; 2 measured
References
"Argon2: The Memory-Hard Function for Password Hashing and Other Applications"