# Argon2
[![Build Status](https://travis-ci.org/P-H-C/phc-winner-argon2.svg?branch=master)](https://travis-ci.org/P-H-C/phc-winner-argon2)
[![Build status](https://ci.appveyor.com/api/projects/status/8nfwuwq55sgfkele?svg=true)](https://ci.appveyor.com/project/P-H-C/phc-winner-argon2)
[![codecov.io](https://codecov.io/github/P-H-C/phc-winner-argon2/coverage.svg?branch=master)](https://codecov.io/github/P-H-C/phc-winner-argon2?branch=master)
This is the reference C implementation of Argon2, the password-hashing
function that won the [Password Hashing Competition
(PHC)](https://password-hashing.net).
Argon2 is a password-hashing function that summarizes the state of the
art in the design of memory-hard functions and can be used to hash
passwords for credential storage, key derivation, or other applications.
It has a simple design aimed at the highest memory filling rate and
effective use of multiple computing units, while still providing defense
against tradeoff attacks (by exploiting the cache and memory organization
of the recent processors).
Argon2 has three variants: Argon2i, Argon2d, and Argon2id. Argon2d is faster
and uses data-depending memory access, which makes it highly resistant
against GPU cracking attacks and suitable for applications with no threats
from side-channel timing attacks (eg. cryptocurrencies). Argon2i instead
uses data-independent memory access, which is preferred for password
hashing and password-based key derivation, but it is slower as it makes
more passes over the memory to protect from tradeoff attacks. Argon2id is a
hybrid of Argon2i and Argon2d, using a combination of data-depending and
data-independent memory accesses, which gives some of Argon2i's resistance to
side-channel cache timing attacks and much of Argon2d's resistance to GPU
cracking attacks.
Argon2i, Argon2d, and Argon2id are parametrized by:
* A **time** cost, which defines the amount of computation realized and
therefore the execution time, given in number of iterations
* A **memory** cost, which defines the memory usage, given in kibibytes
* A **parallelism** degree, which defines the number of parallel threads
The [Argon2 document](argon2-specs.pdf) gives detailed specs and design
rationale.
Please report bugs as issues on this repository.
## Usage
`make` builds the executable `argon2`, the static library `libargon2.a`,
and the shared library `libargon2.so` (or `libargon2.dylib` on OSX).
Make sure to run `make test` to verify that your build produces valid
results. `make install PREFIX=/usr` installs it to your system.
### Command-line utility
`argon2` is a command-line utility to test specific Argon2 instances
on your system. To show usage instructions, run
`./argon2 -h` as
```
Usage: ./argon2 [-h] salt [-i|-d|-id] [-t iterations] [-m memory] [-p parallelism] [-l hash length] [-e|-r]
Password is read from stdin
Parameters:
salt The salt to use, at least 8 characters
-i Use Argon2i (this is the default)
-d Use Argon2d instead of Argon2i
-id Use Argon2id instead of Argon2i
-t N Sets the number of iterations to N (default = 3)
-m N Sets the memory usage of 2^N KiB (default 12)
-p N Sets parallelism to N threads (default 1)
-l N Sets hash output length to N bytes (default 32)
-e Output only encoded hash
-r Output only the raw bytes of the hash
-h Print argon2 usage
```
For example, to hash "password" using "somesalt" as a salt and doing 2
iterations, consuming 64 MiB, using four parallel threads and an output hash
of 24 bytes
```
$ echo -n "password" | ./argon2 somesalt -t 2 -m 16 -p 4 -l 24
Type: Argon2i
Iterations: 2
Memory: 65536 KiB
Parallelism: 4
Hash: 45d7ac72e76f242b20b77b9bf9bf9d5915894e669a24e6c6
Encoded: $argon2i$v=19$m=65536,t=2,p=4$c29tZXNhbHQ$RdescudvJCsgt3ub+b+dWRWJTmaaJObG
0.188 seconds
Verification ok
```
### Library
`libargon2` provides an API to both low-level and high-level functions
for using Argon2.
The example program below hashes the string "password" with Argon2i
using the high-level API and then using the low-level API. While the
high-level API takes the three cost parameters (time, memory, and
parallelism), the password input buffer, the salt input buffer, and the
output buffers, the low-level API takes in these and additional parameters
, as defined in [`include/argon2.h`](include/argon2.h).
There are many additional parameters, but we will highlight three of them here.
1. The `secret` parameter, which is used for [keyed hashing](
https://en.wikipedia.org/wiki/Hash-based_message_authentication_code).
This allows a secret key to be input at hashing time (from some external
location) and be folded into the value of the hash. This means that even if
your salts and hashes are compromized, an attacker cannot brute-force to find
the password without the key.
2. The `ad` parameter, which is used to fold any additional data into the hash
value. Functionally, this behaves almost exactly like the `secret` or `salt`
parameters; the `ad` parameter is folding into the value of the hash.
However, this parameter is used for different data. The `salt` should be a
random string stored alongside your password. The `secret` should be a random
key only usable at hashing time. The `ad` is for any other data.
3. The `flags` parameter, which determines which memory should be securely
erased. This is useful if you want to securly delete the `pwd` or `secret`
fields right after they are used. To do this set `flags` to either
`ARGON2_FLAG_CLEAR_PASSWORD` or `ARGON2_FLAG_CLEAR_SECRET`. To change how
internal memory is cleared, change the global flag
`FLAG_clear_internal_memory` (defaults to clearing internal memory).
Here the time cost `t_cost` is set to 2 iterations, the
memory cost `m_cost` is set to 2<sup>16</sup> kibibytes (64 mebibytes),
and parallelism is set to 1 (single-thread).
Compile for example as `gcc test.c libargon2.a -Isrc -o test`, if the program
below is named `test.c` and placed in the project's root directory.
```c
#include "argon2.h"
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define HASHLEN 32
#define SALTLEN 16
#define PWD "password"
int main(void)
{
uint8_t hash1[HASHLEN];
uint8_t hash2[HASHLEN];
uint8_t salt[SALTLEN];
memset( salt, 0x00, SALTLEN );
uint8_t *pwd = (uint8_t *)strdup(PWD);
uint32_t pwdlen = strlen((char *)pwd);
uint32_t t_cost = 2; // 1-pass computation
uint32_t m_cost = (1<<16); // 64 mebibytes memory usage
uint32_t parallelism = 1; // number of threads and lanes
// high-level API
argon2i_hash_raw(t_cost, m_cost, parallelism, pwd, pwdlen, salt, SALTLEN, hash1, HASHLEN);
// low-level API
argon2_context context = {
hash2, /* output array, at least HASHLEN in size */
HASHLEN, /* digest length */
pwd, /* password array */
pwdlen, /* password length */
salt, /* salt array */
SALTLEN, /* salt length */
NULL, 0, /* optional secret data */
NULL, 0, /* optional associated data */
t_cost, m_cost, parallelism, parallelism,
ARGON2_VERSION_13, /* algorithm version */
NULL, NULL, /* custom memory allocation / deallocation functions */
/* by default only internal memory is cleared (pwd is not wiped) */
ARGON2_DEFAULT_FLAGS
};
int rc = argon2i_ctx( &context );
if(ARGON2_OK != rc) {
printf("Error: %s\n", argon2_error_message(rc));
exit(1);
}
free(pwd);
for( int i=0; i<HASHLEN; ++i ) printf( "%02x", hash1[i] ); printf( "\n" );
if (memcmp(hash1, hash2, HASHLEN)) {
for( int i=0; i<HASHLEN; ++i ) {
printf( "%02x", hash2[i] );
}
没有合适的资源?快使用搜索试试~ 我知道了~
argon2_cffi-16.3.0.tar.gz
0 下载量 102 浏览量
2024-06-08
11:14:21
上传
评论
收藏 1.48MB GZ 举报
温馨提示
Python库是一组预先编写的代码模块,旨在帮助开发者实现特定的编程任务,无需从零开始编写代码。这些库可以包括各种功能,如数学运算、文件操作、数据分析和网络编程等。Python社区提供了大量的第三方库,如NumPy、Pandas和Requests,极大地丰富了Python的应用领域,从数据科学到Web开发。Python库的丰富性是Python成为最受欢迎的编程语言之一的关键原因之一。这些库不仅为初学者提供了快速入门的途径,而且为经验丰富的开发者提供了强大的工具,以高效率、高质量地完成复杂任务。例如,Matplotlib和Seaborn库在数据可视化领域内非常受欢迎,它们提供了广泛的工具和技术,可以创建高度定制化的图表和图形,帮助数据科学家和分析师在数据探索和结果展示中更有效地传达信息。
资源推荐
资源详情
资源评论
收起资源包目录
argon2_cffi-16.3.0.tar.gz (122个子文件)
argon2.1 1KB
argon2d 421KB
argon2d_v16 421KB
argon2i 421KB
argon2i_v16 421KB
argon2id 421KB
argon2id_v16 421KB
core.c 18KB
encoding.c 15KB
argon2.c 14KB
blake2b.c 12KB
test.c 11KB
run.c 9KB
ref.c 7KB
opt.c 6KB
genkat.c 6KB
bench.c 3KB
thread.c 1KB
setup.cfg 214B
run_with_env.cmd 3KB
.coveragerc 175B
Argon2OptGenKAT.vcxproj.filters 3KB
Argon2RefGenKAT.vcxproj.filters 3KB
Argon2OptBench.vcxproj.filters 2KB
Argon2RefBench.vcxproj.filters 2KB
Argon2RefTestCI.vcxproj.filters 2KB
Argon2OptTestCI.vcxproj.filters 2KB
Argon2Ref.vcxproj.filters 2KB
Argon2Opt.vcxproj.filters 2KB
Argon2OptDll.vcxproj.filters 2KB
Argon2RefDll.vcxproj.filters 2KB
.git 37B
.gitattributes 131B
.gitignore 197B
argon2.h 16KB
blamka-round-opt.h 11KB
core.h 8KB
stdint.h 8KB
inttypes.h 8KB
blake2-impl.h 4KB
blake2.h 3KB
blamka-round-ref.h 3KB
thread.h 2KB
encoding.h 2KB
genkat.h 2KB
opt.h 1KB
ref.h 1KB
MANIFEST.in 206B
tox.ini 912B
LICENSE 17KB
LICENSE 1KB
Makefile 7KB
Makefile 4KB
README.md 12KB
CHANGELOG.md 571B
not-zip-safe 1B
libargon2.pc 490B
argon2-specs.pdf 463KB
PKG-INFO 8KB
PKG-INFO 8KB
install.ps1 7KB
test.ps1 1KB
check-sums.ps1 1KB
setup.py 11KB
conf.py 9KB
test_low_level.py 8KB
low_level.py 6KB
_ffi_build.py 5KB
_password_hasher.py 4KB
test_legacy.py 4KB
__main__.py 2KB
test_password_hasher.py 2KB
_legacy.py 2KB
__init__.py 1KB
_utils.py 966B
test_utils.py 949B
exceptions.py 710B
__init__.py 0B
CHANGELOG.rst 5KB
api.rst 4KB
CODE_OF_CONDUCT.rst 3KB
AUTHORS.rst 3KB
argon2.rst 3KB
CONTRIBUTING.rst 3KB
README.rst 2KB
parameters.rst 2KB
installation.rst 1KB
FAQ.rst 1KB
cli.rst 601B
backward-compatibility.rst 581B
index.rst 474B
contributing.rst 89B
changelog.rst 30B
license.rst 28B
faq.rst 24B
test.sh 696B
check-sums.sh 243B
export.sh 158B
argon2id_v16.shasum 79B
argon2i_v16.shasum 78B
共 122 条
- 1
- 2
资源评论
程序员Chino的日记
- 粉丝: 3717
- 资源: 5万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- ETOPO2022一分钟基岩数据.zip
- 编译带freetype的opencv所需要的harfbuzz和freetype
- MATLAB 各种算法和解决问题的源码.zip
- 吐司资源依赖包,可自行下载
- MATLAB代码:储能参与调峰调频联合优化模型 关键词:储能 调频 调峰 充放电优化 联合运行 仿真平台:MATLAB+CVX 平台 主要内容:代码主要做的是考虑储能同时参与调峰以及调频的联合调度
- 游戏人物检测30-YOLO(v5至v11)、COCO、CreateML、Paligemma、TFRecord、VOC数据集合集.rar
- 中国手机系统行业研究:行业研究:华为HarmonyOS鸿蒙到底是什么?系统核心优势是什么?.zip
- python语言dysp批量下载爬虫程序代码QZQ2.txt
- python语言kssp批量下载爬虫程序代码QZQ4.txt
- C#与三菱PLC以太网通讯程序上位机源码 通过3E帧SLMP MC协议与三菱FX5U Q系列PLC通讯 1.该程序可以与FX5U Q系列PLC以太网通讯,根据3E帧报文写了一个类库,可以读写各种
- oracle-instantclient19.24-basic-19.24.0.0.0-1.aarch64.rpm
- 第六章:选择结构程序设计
- IMG_6671.PNG
- 高级版CRM客户关系管理系统源码手机版crm跟单销售公司订单合同办公erp客户管理
- oracle-instantclient19.24-devel-19.24.0.0.0-1.aarch64.rpm
- oracle-instantclient19.24-sqlplus-19.24.0.0.0-1.aarch64.rpm
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功