scrypt cryptographic functions for R
C Shell Makefile C++ R
Switch branches/tags
Nothing to show
Latest commit a13f997 Dec 6, 2016 @kippandrew kippandrew committed on GitHub Merge pull request #12 from rstudio/fix-clock_getres
Fix clock getres
Failed to load latest commit information.
src Update auto-generated files Oct 11, 2016
.gitignore Ignore dll files Feb 25, 2014
.travis.yml Update travis Feb 27, 2014
DESCRIPTION Bump version Oct 11, 2016
LICENSE Update docs Jan 10, 2014
NAMESPACE Update imports Feb 25, 2014
NEWS Replace CHANGELOG with NEWS file Feb 27, 2014
cleanup Remove config.log on cleanup Jan 23, 2014
configure Add chmod to configure Feb 26, 2014
rscrypt.Rproj Update imports Feb 25, 2014


Build Status

rscrypt is an R package for a collection of scrypt cryptographic functions. Scrypt is a password-based key derivation function created by Colin Percival. The algorithm was specifically designed to make it costly to perform large-scale custom hardware attacks by requiring large amounts of memory.


This package makes use of native code, you will need to have a R package development environment installed on your system:

Windows: RTools for building packages Mac OSX: XCode Command Line Tools for building packages


To install directly from GitHub, run this:

if (!require("devtools"))


Hash a password:

hashed <- scrypt::hashPassword("good password")

Verify a hashed password:

scrypt::verifyPassword(hashed, "bad bassword")

scrypt::verifyPassword(hashed, "good password")
[1] TRUE

Key derivation function

password <- charToRaw("my password")
salt <- sample(1:10, 32, replace=TRUE)
scrypt::scrypt(password, salt, 65536, 8, 1)

Password Hashing

The hashPassword and verifyPassword functions are designed be compatible with the node.js scrypt package. The output from hashPassword is a base64 encoded string containing multiple pieces of information that are required to verify the hash later on. Included in this output are the n, r and p parameters for the scrypt function, as well as a checksum and HMAC for verifying the integrity of the hash. Below is the format the hash.

Hash Format

offset	length
0	6	"scrypt"
6	1	scrypt data file version number (0)
7	1	log2(n) (big-endian must be between 1 and 63 inclusive)
8	4	r (big-endian integer; must satisfy r * p < 2^30)
12	4	p (big-endian integer; must satisfy r * p < 2^30)
16	32	salt
48	16	first 16 bytes of SHA256(bytes 0 .. 47)
64	32	HMAC-SHA256(bytes 0 .. 63)