How to use scrypt to generate hash for password and salt in Python

栀梦 2021-02-14 21:34

I would like to use scrypt to create a hash for my users' passwords and salts. I have found two references, but there are things I don't understand about them.

They u

2 answers
  •  滥情空心
    2021-02-14 21:44

    Both of those references got it completely wrong. Don't muck with encrypt and decrypt: just use hash.

    The KDF is not directly exposed, but hash is close enough. (In fact, it appears to me to be even better, because it mixes the filling of a PBKDF2 sandwich.)

    This example code works with both python2.7 and python3.2. It uses PyCrypto, passlib, and py-scrypt, but only needs py-scrypt.

    You will want to use a constant-time comparison function like passlib.utils.consteq to mitigate timing attacks.

    You will also want to choose the parameters carefully. The defaults logN=14,r=8,p=1 mean 1 "round" using 16 MiB of memory. On a server, you probably want something more like 10,8,8 -- less RAM, more CPU. You should time it on your hardware under your expected load.
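
An added example, not part of the answer above or of py-scrypt: it uses the standard library's `hashlib.scrypt` (Python 3.6+ built against OpenSSL 1.1+) in place of py-scrypt's `hash`, and `hmac.compare_digest` in place of `passlib.utils.consteq`. The record format and the function names are assumptions made for this illustration.

```python
import base64
import hashlib
import hmac
import os
import time

# Parameter sets named in the answer, as (logN, r, p).
DEFAULT_PARAMS = (14, 8, 1)  # 128 * r * 2**logN = 16 MiB per hash
SERVER_PARAMS = (10, 8, 8)   # 1 MiB per block, 8 blocks: less RAM, more CPU


def _derive(password, salt, log_n, r, p):
    # maxmem is raised above OpenSSL's 32 MiB default to leave headroom.
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=1 << log_n,
                          r=r, p=p, maxmem=64 * 1024 * 1024, dklen=32)


def hash_password(password, params=DEFAULT_PARAMS):
    """Return a storable record 'logN$r$p$salt$hash' (assumed format)."""
    log_n, r, p = params
    salt = os.urandom(16)  # fresh random salt for every password
    digest = _derive(password, salt, log_n, r, p)
    b64 = lambda b: base64.b64encode(b).decode("ascii")
    return "%d$%d$%d$%s$%s" % (log_n, r, p, b64(salt), b64(digest))


def verify_password(password, record):
    """Recompute with the stored salt and parameters, compare in constant time."""
    try:
        log_n, r, p, salt_b64, digest_b64 = record.split("$")
        log_n, r, p = int(log_n), int(r), int(p)
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
    except ValueError:
        return False  # malformed record: reject instead of raising
    if not (1 <= log_n <= 15 and 1 <= r <= 8 and 1 <= p <= 16):
        return False  # a tampered record must not dictate unbounded cost
    candidate = _derive(password, salt, log_n, r, p)
    return hmac.compare_digest(candidate, expected)


def time_params(params, runs=3):
    """Average seconds per hash, for tuning on your own hardware."""
    start = time.perf_counter()
    for _ in range(runs):
        hash_password("benchmark", params)
    return (time.perf_counter() - start) / runs
```

Storing the parameters next to the salt lets you raise the cost later without invalidating existing records; run `time_params` for each candidate set under realistic load before choosing.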
