I don't understand how HMAC can be used in the scrypt algorithm. For what purpose does scrypt use HMAC?
Asked
Active
Viewed 311 times
1 Answers
0
The scrypt function utilises a key-derivation function (KDF) in a manner which is expensive in terms of both CPU time and memory. It does this in a way which allows a time/memory tradeoff, where implementations which use less memory require more CPU time.
The KDF used in scrypt is PBKDF2. The underlying pseudo-random function (PRF) used in PBKDF2 is user-selectable, but must take two parameters. As such, a HMAC hash is ideal, due to its two input parameters (message, key) and it being safe as a cryptographic PRF.
The immediate answer to your question is that scrypt requires a HMAC hash because PBKDF2 requires a PRF with two inputs, and a HMAC hash is a commonly chosen function type for this, so it made sense for scrypt to take that option. The scrypt specification itself defines HMAC-SHA256 as the PRF.
Polynomial
- 132,208
- 43
- 298
- 379