Generate Scrypt hashes - the memory-hard KDF protecting cryptocurrency wallets and passwords from hardware attacks.
About
Scrypt is a password-based key derivation function that intentionally requires significant memory, using the SMix algorithm with sequential memory-hard functions to increase the cost of GPU and ASIC attacks.
Specifications
Output SizeVariable
StandardRFC 7914
Standard Year2016
Origin Stronger Key Derivation via Sequential Memory-Hard Functions
—Backup encryption with time-memory tradeoff resistance
—Applications requiring ASIC resistance
Frequently Asked Questions
N (cost factor) should be at least 2^16 (65536) for production use. r (block size) is typically 8. p (parallelism) is usually 1. Higher N increases memory hardness. Common setting: N=2^17, r=8, p=1 uses ~128 MiB RAM. Adjust based on available memory and acceptable delay.
scrypt was the first memory-hard KDF but has limitations: fixed memory hardness per block, no resistance to cache-timing attacks. Argon2id is the modern replacement with better security, tunable memory, and side-channel resistance. New projects should use Argon2id.
scrypt was used in Litecoin and Dogecoin for ASIC resistance. For passwords, while scrypt provides memory hardness, Argon2id offers better protection against side-channel attacks and more flexible parameter tuning. scrypt is still viable but Argon2id is preferred for new systems.