
Scrypt Password Storage Scheme

Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.

The Scrypt Password Storage Scheme provides support for encoding passwords using the scrypt key derivation function. The string representation uses the "c2NyeXB0" format that is also used by a number of other implementations.

Like other password storage schemes supported by the server (especially PBKDF2 and Bcrypt), scrypt is designed to be expensive so that attacks against scrypt-encoded passwords are also expensive. However, scrypt is different from other algorithms because it is designed to consume a substantial amount of memory during the course of encoding a password, and to require pseudorandom access to portions of that memory. This makes the cost of generating a password dependent upon memory access latency in addition to CPU performance, and reduces the ability to parallelize password cracking attempts.
This password storage scheme implementation requires the Bouncy Castle JCE provider, which is not included with the Directory Server, in order to simplify United States export control restrictions imposed on the distribution of cryptographic functionality. If you wish to use this feature, you must first obtain the necessary library from the Bouncy Castle website (https://bouncycastle.org/). This implementation has been compiled and tested with version 1.64 of the library, which can be obtained from the Bouncy Castle website using the link https://www.bouncycastle.org/download/bcprov-jdk15on-164.jar. This file should be placed in the "lib" directory beneath the server install root. The server will need to be restarted for this library to be available for use.

Parent Component
Properties
dsconfig Usage

Parent Component

The Scrypt Password Storage Scheme component inherits from the Password Storage Scheme

Properties

The properties supported by this managed object are as follows:


Basic Properties:
    description
    enabled
    scrypt-cpu-memory-cost-factor-exponent
    scrypt-block-size
    scrypt-parallelization-parameter

Advanced Properties:
    max-password-length

Basic Properties

description

Description
A description for this Password Storage Scheme
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

enabled

Description
Indicates whether the Scrypt Password Storage Scheme is enabled for use.
Default Value
None
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
The Bouncy Castle JCE provider (version 1.64, as described above) must be present in the "lib" directory beneath the server install root, and the server must be restarted, before this scheme can be enabled and used.

scrypt-cpu-memory-cost-factor-exponent

Description
Specifies the exponent N that should be used for the CPU/memory cost factor. The cost factor must be a power of two, so the value of this property is the power to which two is raised (the cost factor is 2^N). The CPU/memory cost factor specifies the number of iterations required for encoding the password, and also determines the amount of memory required during processing. A higher cost factor requires more processing and more memory to encode a password, which makes attacks against the password more expensive. The value must be less than (128*r/8), where "r" represents the configured block size. The amount of memory consumed in the course of encoding a password is (128*2^N*r) bytes, where "N" represents the CPU/memory cost factor exponent and "r" represents the configured block size. The Directory Server will not permit the total memory consumption per password encoding to exceed 100 megabytes.
Default Value
14
Allowed Values
An integer value. Lower limit is 1. Upper limit is 30.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

scrypt-block-size

Description
Specifies the block size for the digest that will be used in the course of encoding passwords. Increasing the block size while keeping the CPU/memory cost factor constant will increase the amount of memory required to encode a password, but it also increases the ratio of sequential memory access to random memory access (and sequential memory access is generally faster than random memory access). The value must be greater than or equal to one. The amount of memory that will be temporarily consumed in the course of generating the password is 128*2^N*r bytes, where "N" represents the CPU/memory cost factor exponent and "r" represents the configured block size. The Directory Server will not permit the total memory consumption per password encoding to exceed 100 megabytes.
Default Value
8
Allowed Values
An integer value. Lower limit is 1.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

scrypt-parallelization-parameter

Description
Specifies the number of times that scrypt has to perform the entire encoding process to produce the final result. The amount of processing required to encode a password increases linearly with the value of this parameter. If an attacker uses a scrypt implementation that supports multiple threads to perform those encodings in parallel, then the amount of memory required also increases linearly.
Default Value
1
Allowed Values
An integer value. Lower limit is 1.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


Advanced Properties

max-password-length (Advanced Property)

Description
Specifies the maximum allowed length, in bytes, for passwords encoded with this scheme, which can help mitigate denial of service attacks from clients that attempt to bind with very long passwords. This password storage scheme performs expensive cryptographic computation as a way to thwart brute force password-cracking attacks. However, this processing consumes server resources, at the possible expense of the server's ability to process other operations. The longer a provided password is, the more expensive it is to encode, or to verify whether a provided password matches a user's encoded password. Malicious clients may attempt to exploit that by providing very long passwords during authentication attempts. However, if the provided password is longer than the configured max-password-length value, then this password storage scheme will immediately reject it rather than perform that expensive computation.
Default Value
200
Allowed Values
An integer value. Lower limit is 1.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action
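As an added illustration (not the Directory Server's own code), the following Python models the constraints and memory formula given above for scrypt-cpu-memory-cost-factor-exponent and scrypt-block-size, and the early rejection described for max-password-length, using the standard library's hashlib.scrypt. The sample salt and the reading of "100 megabytes" as 100 MiB are assumptions.

```python
import hashlib
import hmac

# Constructed illustration of the limits described on this page; it is not the
# Directory Server's own code. "100 megabytes" is assumed to mean 100 MiB here.
MAX_MEMORY_BYTES = 100 * 1024 * 1024
DEFAULT_MAX_PASSWORD_LENGTH = 200  # the max-password-length default
SALT = b"constructed-sample-salt"  # constructed; use a random per-user salt in practice


def scrypt_memory_bytes(n_exp, r):
    """Memory consumed per encoding: 128 * 2^N * r bytes, as stated on the page."""
    return 128 * (2 ** n_exp) * r


def validate_params(n_exp, r, p):
    """Return a list of constraint violations for (N, r, p); empty means acceptable."""
    problems = []
    if not 1 <= n_exp <= 30:
        problems.append("cost factor exponent must be between 1 and 30")
    if r < 1:
        problems.append("block size must be at least 1")
    if p < 1:
        problems.append("parallelization parameter must be at least 1")
    if n_exp >= 128 * r / 8:
        problems.append("exponent must be less than 128*r/8")
    if scrypt_memory_bytes(n_exp, r) > MAX_MEMORY_BYTES:
        problems.append("memory per encoding exceeds the 100 megabyte limit")
    return problems


def encode_password(password, salt=SALT, n_exp=14, r=8, p=1):
    """Derive a 32-byte scrypt hash after checking the parameters."""
    problems = validate_params(n_exp, r, p)
    if problems:
        raise ValueError("; ".join(problems))
    return hashlib.scrypt(password, salt=salt, n=2 ** n_exp, r=r, p=p,
                          maxmem=MAX_MEMORY_BYTES, dklen=32)


def verify_password(candidate, expected, max_len=DEFAULT_MAX_PASSWORD_LENGTH, **params):
    """Check a bind password; over-long input is refused before any scrypt work."""
    if len(candidate) > max_len:
        return False
    derived = encode_password(candidate, **params)
    return hmac.compare_digest(derived, expected)
```

With the defaults (N=14, r=8) the formula gives 16 MiB per encoding, well under the server's limit; raising N to 20 at r=8 would need 1 GiB and is rejected.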


dsconfig Usage

To list the configured Password Storage Schemes:

dsconfig list-password-storage-schemes
     [--property {propertyName}] ...

To view the configuration for an existing Password Storage Scheme:

dsconfig get-password-storage-scheme-prop
     --scheme-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Password Storage Scheme:

dsconfig set-password-storage-scheme-prop
     --scheme-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Scrypt Password Storage Scheme:

dsconfig create-password-storage-scheme
     --scheme-name {name}
     --type scrypt
     --set enabled:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Password Storage Scheme:

dsconfig delete-password-storage-scheme
     --scheme-name {name}