django-scrypt / README.rst

README.rst

 
 2. Decompress it and make it your working directory::
 
-       $ tar zxvf django-scrypt-0.2.1.tar.gz
-       $ cd django-scrypt-0.2.1
+       $ tar zxvf django-scrypt-0.2.2.tar.gz
+       $ cd django-scrypt-0.2.2
 
 3. Install it into your ``site-packages`` directory (if you install to the
    system's ``site-packages`` you will probably need to be root or you will
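Review bot: The release number is hard-coded in both command lines of step 2 (``django-scrypt-0.2.2.tar.gz`` and ``cd django-scrypt-0.2.2``), so this hunk has to be repeated for every release and the two lines can drift apart. Consider a placeholder such as ``django-scrypt-<version>`` with one sentence naming the current release.
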
    You need to keep the other hasher entries in this list or else *Django*
    won't be able to upgrade the passwords!
 
+Scrypt Parameters
+-----------------
+
+*Scrypt* takes three tuning parameters: ``N``, ``r`` and ``p``.
+They affect memory usage and running time. Memory usage is approximately
+``128 * r * N`` bytes. [#]_ These are the default values::
+
+   Nexp = lb(N) = 14, r = 8 and p = 1
+   where lb is logarithm base 2
+
+*Django-Scrypt* stores ``Nexp`` in the encoded hash, but not ``N``. The positive integer ``Nexp`` is the exponent used to generate ``N`` which is calculated as needed (``N = 2 ** Nexp``). Doing this saves space in the database row. These default values lead to *Scrypt* using ``128 * 8 * 2 ** 14 = 16M`` bytes of memory.
+
+The values of ``N``, ``r`` and ``p`` affect running time proportionately; however, ``p`` can be used to independently tune the running time since it has a smaller influence on memory usage.
+
+The final parameter ``buflen`` has been proposed for *Py-Scrypt* but is not implemented. The value will be used to change the size of the returned hash. Currently, *Py-Scrypt's* ``hash`` function returns a message digest of length 64-bytes or 512-bits.
+
+.. [#] Adapted from Falko Peters' `Crypto.Scrypt package for Haskell  <http://hackage.haskell.org/packages/archive/scrypt/0.3.2/doc/html/Crypto-Scrypt.html>`_
+
 .. _Caveats:
 
 Caveats
 
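Review bot: The new section says only that ``Nexp`` is stored in the encoded hash, while the format shown under Caveats, ``scrypt$salt$14$8$1$64$Base64Hash==``, carries further fields after the salt that line up with the defaults 14, 8, 1 and the 64-byte digest length described in the ``buflen`` paragraph. Please state the field order explicitly here so a reader can tell which parameters travel with each stored hash. Two smaller points: "16M bytes" would be less ambiguous as "16 MiB (16,777,216 bytes)", and the three long paragraphs starting "*Django-Scrypt* stores", "The values of" and "The final parameter" are not wrapped like the rest of the file.
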
         ``scrypt$salt$14$8$1$64$Base64Hash==``
 
-The good news is that 14 is three characters shorter than 16384. The bad news
+The good news is that "14" is three characters shorter than "16384". The bad news
 is that this introduces a backwards incompatible change as of version 0.2.0.
 
-If you see your application generating *HTTP 500 Server Errors* with a 
-*scrypt.error: 'hash parameters are wrong (r*p should be < 2**30, and N should
+If you see your application generating *HTTP 500 Server Errors* with an *Exception* raised with
+*error: 'hash parameters are wrong (r*p should be < 2**30, and N should
 be a power of two > 1)'* then you should suspect that an old hash is telling
 *Scrypt* to use ``N = 2 ** 16384`` which is way, way, way too large. The
 solution is to replace the 16384 in the old hashes with 14. You might have to alter your database manually or write some custom code to fix this change.
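
Review bot: The reworded sentence "with an *Exception* raised with *error: 'hash parameters are wrong ..." drops the ``scrypt.`` prefix the old text had, so the reader no longer learns which module raises the error and has less to search for in logs; if the exception is still ``scrypt.error``, keep the qualified name, otherwise name the actual class. The closing advice "replace the 16384 in the old hashes with 14" only covers hashes written with the default; since the Scrypt Parameters section defines ``N = 2 ** Nexp``, it would be safer to say that the stored ``N`` must be replaced by ``lb(N)``, which is 14 for the default. That sentence also leaves 16384 and 14 unquoted although this change adds quotes to the same numbers in the first sentence, and the new "If you see your application" line is not wrapped like its neighbours.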