Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/bryant/argon2rs
The pure-Rust password hashing library running on Argon2.
https://github.com/bryant/argon2rs
argon2 argon2i argon2id cryptography password-hash
Last synced: 3 months ago
JSON representation
The pure-Rust password hashing library running on Argon2.
- Host: GitHub
- URL: https://github.com/bryant/argon2rs
- Owner: bryant
- License: mit
- Created: 2016-02-01T06:31:43.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2019-10-30T14:21:16.000Z (about 5 years ago)
- Last Synced: 2024-07-07T08:23:26.896Z (4 months ago)
- Topics: argon2, argon2i, argon2id, cryptography, password-hash
- Language: Rust
- Size: 1.64 MB
- Stars: 174
- Watchers: 9
- Forks: 19
- Open Issues: 15
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
argon2rs
========
[](https://travis-ci.org/bryant/argon2rs)
This is a purely Rust-based library that provides both variants of the
state-of-the-art Argon2 hashing algorithm, suitable for password hashing and
password-based key derivation.
[Documentation](http://bryant.github.io/argon2rs/argon2rs/)
## Installation
Via cargo:
```bash
$ cd $PROJECT_ROOT
$ cargo install --features "simd"
```
From git:
```bash
$ git clone https://github.com/bryant/argon2rs $ARGON_DIR && cd $ARGON_DIR
$ cargo build --features "simd"
```
## Usage
From `examples/helloworld.rs`:
```rust
extern crate argon2rs;
pub fn main() {
let (password, salt) = ("argon2i!", "delicious salt");
println!("argon2i_simple(\"{}\", \"{}\"):", password, salt);
for byte in argon2rs::argon2i_simple(&password, &salt).iter() {
print!("{:02x}", byte);
}
println!("");
}
```
outputs:
```
argon2i_simple("argon2i!", "delicious salt"):
e254b28d820f26706a19309f1888cefd5d48d91384f35dc2e3fe75c3a8f665a6
```
There are two variants of Argon2 that differ in the manner by which reference
indices are computed during block-filling rounds. Argon2d does this in a faster
but data-dependent fashion that could be vulnerable to side-channel
[attacks][1], whereas Argon2i ("i" denoting independence from plaintext input)
works slower but is immune to such attacks and is therefore the preferred choice
for password hashing.
## TODO
- [x] Parallelize.
- [x] Incorporate SIMD into compression function.
- [x] Zero-on-drop trait for sensitive(s): `Matrix`
- [x] Constant-time verification API.
- [x] Benchmarks.
- [ ] Support NEON and SIMD on other arches.
- [ ] Fuzz.
- [ ] Prove safety of unchecked accesses in `Block`, `Matrix`.
## Benchmarks
Our primary benchmarks are single- and multi-threaded runs of Argon2i with
default parameters against the [reference implementation][2]. In order to
compile and run this, first pull in the C sources:
```bash
$ git submodule init
$ git submodule update benches/cargon/phc-winner-argon2
```
and then benchmark with Cargo as usual:
```
$ rustc --version
rustc 1.11.0-dev (4b240fe96 2016-06-08)
$ export RUSTFLAGS='-C target-feature=+avx'
$ cargo bench --features="simd bench_ref"
# output trimmed for brevity
Running target/release/versus_cargon-b5955411e1594c85
running 5 tests
test ensure_identical_hashes ... ignored
test bench_argon2rs_i ... bench: 9,547,031 ns/iter (+/- 15,964)
test bench_argon2rs_threaded ... bench: 4,584,163 ns/iter (+/- 398,803)
test bench_cargon_i ... bench: 10,013,015 ns/iter (+/- 177,482)
test bench_cargon_threaded ... bench: 3,753,022 ns/iter (+/- 48,688)
test result: ok. 0 passed; 0 failed; 0 ignored; 2 measured
```
## References
["Argon2: The Memory-Hard Function for Password Hashing and Other
Applications"][1]
[1]: https://github.com/P-H-C/phc-winner-argon2/raw/master/argon2-specs.pdf
[2]: https://github.com/p-h-c/phc-winner-argon2