org.xwiki.crypto.passwd
Interface MemoryHardKeyDerivationFunction

All Superinterfaces:

KeyDerivationFunction, java.io.Serializable

All Known Implementing Classes:

AbstractMemoryHardKeyDerivationFunction, ScryptMemoryHardKeyDerivationFunction

@ComponentRole
public interface MemoryHardKeyDerivationFunction
extends KeyDerivationFunction

A key memory hard derivation function. This function must require the specified amount of memory and processor time to derive a key from a password thus making the job of guessing passwords with a known key or ciphertext configurably hard. Implementations must ensure there is no way to: A. Compute the hash in significantly fewer processor cycles than the implementation. B. Compute the hash with significantly less memory requirement than the implementation.

Since:

2.5M1

Version:

$Id$

Method Summary

void	init(int kilobytesOfMemoryToUse, int millisecondsOfProcessorTimeToSpend, int derivedKeyLength) Initialize this function with the desired parameters.

Methods inherited from interface org.xwiki.crypto.passwd.KeyDerivationFunction

deriveKey, init, init, init, serialize

Method Detail

init

void init(int kilobytesOfMemoryToUse,
          int millisecondsOfProcessorTimeToSpend,
          int derivedKeyLength)

Initialize this function with the desired parameters.

Parameters:

kilobytesOfMemoryToUse - number of kilobytes or RAM which should be required by any implementation to validate a password. This amount of memory will be occupied for the time given by millisecondsOfProcessorTimeToSpend. Obviously if the adversary has a faster processor, then this time will be shorter on his computer.

millisecondsOfProcessorTimeToSpend - target amount of time to spend verifying the password. This will be tested on the system when init is called.

derivedKeyLength - the number of bytes of length the derived key (output) should be.