Clojure Scrypt Library
scrypt is a tiny Clojure library for the scrypt key derivation function.
Why Use Scrypt
Scrypt has a significantly higher cost of carrying out brute force attacks on hashed values:
For more details, see the Scrypt paper.
To subscribe for announcements of releases, important changes and so on, please follow @ClojureWerkz on Twitter.
ClojureWerkz Scrypt is a fairly young project built on top of a Java implementation of Scrypt that has been around for a couple of years.
Scrypt artifacts are released to Clojars. If you are using Maven, add the following repository
definition to your
<repository> <id>clojars.org</id> <url>http://clojars.org/repo</url> </repository>
The Most Recent Release
<dependency> <groupId>clojurewerkz</groupId> <artifactId>scrypt</artifactId> <version>1.2.0</version> </dependency>
Scrypt has a single namespace:
clojurewerkz.scrypt.core, and two functions:
clojurewerkz.scrypt.core/encryptencrypts a string using Scrypt
clojurewerkz.scrypt.core/verifyverifies a string against a hash produced by
An example to demonstrate them:
(require '[clojurewerkz.scrypt.core :as sc]) (let [h (sc/encrypt "secret" 16384 8 1)] (sc/verify "secret" h)) ;= true (let [h (sc/encrypt "secret" 16384 8 1)] (sc/verify "another value" h)) ;= false
clojurewerkz.scrypt.core/encrypt takes control CPU, RAM and parallelization
cost. The values in the example above are optimal starting points for many applications.
See the Scrypt paper for a detailed information.
Native Scrypt Implementation
It is possible to use a native implementation as of ClojureWerkz Scrypt
From Lambdaworks Scrypt documentation:
When the native library can be loaded it will be used instead of the pure Java implementation. On a J2SE compliant JVM the native library will be extracted from the jar and loaded, and on other VMs System.loadLibrary will be called. The system property "com.lambdaworks.jni.loader" may be set to override the default native library loader with one of the following values: * nil: refuse to load native libraries and revert to pure Java implementation * jar: extract native library from jar and load with System.load * sys: use System.loadLibrary, which may require java.library.path to be set
Supported Clojure Versions
scrypt requires Clojure 1.4+.
Continuous Integration Status
Scrypt Is a ClojureWerkz Project
This library is part of the group of Clojure libraries known as ClojureWerkz, together with
scrypt uses Leiningen 2. Make sure you have it installed and then run tests against supported Clojure versions using
lein all test
Then create a branch and make your changes on it. Once you are done with your changes and all tests pass, submit a pull request on GitHub.
Copyright (C) 2013-2016 Michael S. Klishin, Alex Petrov.