[cryptography] Javascript Password Hashing: Scrypt with WebCrypto API?

Solar Designer solar at openwall.com
Wed Mar 11 11:01:21 EDT 2015

On Wed, Mar 11, 2015 at 02:20:42PM +0000, Alfonso De Gregorio wrote:
> Until more browsers start supporting PBKDF2 with HMAC-SHA-256, you
> might be better of reverting to a JavaScript library, to be plugged in
> your scrypt implementation. I never took the chance to look at it, but
> I heard that asmcrypto.js provides the fastest PBKDF2-HMAC-SHA-256
> implementation in town [2].

The uses of PBKDF2-HMAC-SHA-256 in scrypt are not performance-critical.
When scrypt is invoked with sane settings, most of the processing time
is spent in scrypt's SMix, not in PBKDF2.

This might be the most suitable implementation of scrypt in JavaScript:


Its performance test:



More information about the cryptography mailing list