0
# Password-Based Key Derivation
1

2
PBKDF2 and Scrypt implementations for password-based key derivation, providing secure methods to derive cryptographic keys from passwords with salt and iteration count parameters.
3

4
## Capabilities
5

6
### PBKDF2 Key Derivation
7

8
PBKDF2 (Password-Based Key Derivation Function 2) implementation for secure password-based key generation.
9

10
```typescript { .api }
11
/**
12
 * Derive key using PBKDF2 algorithm
13
 * @param passphrase - Password/passphrase to derive from
14
 * @param salt - Random salt bytes (default: random 32 bytes)
15
 * @param rounds - Number of iterations (default: 2048)
16
 * @param length - Output key length in bytes (default: 64)
17
 * @returns Derived key bytes
18
 */
19
function pbkdf2Encode(passphrase: string, salt?: Uint8Array, rounds?: number, length?: number): Uint8Array;
20
```
21

22
**Usage Example:**
23

24
```typescript
25
import { pbkdf2Encode } from "@polkadot/util-crypto";
26

27
const passphrase = "my-secure-password";
28
const salt = new Uint8Array(32); // Random salt
29
crypto.getRandomValues(salt);
30

31
// Standard PBKDF2 derivation
32
const key = pbkdf2Encode(passphrase, salt, 4096, 32);
33
console.log(key.length); // 32 bytes
34
```
35

36
### Scrypt Key Derivation
37

38
Scrypt memory-hard key derivation function for enhanced security against hardware attacks.
39

40
```typescript { .api }
41
/**
42
 * Derive key using Scrypt algorithm
43
 * @param passphrase - Password/passphrase to derive from  
44
 * @param salt - Random salt bytes (default: random 32 bytes)
45
 * @param N - CPU/memory cost parameter (default: 16384)
46
 * @param r - Block size parameter (default: 8)
47
 * @param p - Parallelization parameter (default: 1)
48
 * @param dkLen - Derived key length (default: 64)
49
 * @returns Derived key bytes
50
 */
51
function scryptEncode(passphrase: string, salt?: Uint8Array, N?: number, r?: number, p?: number, dkLen?: number): Uint8Array;
52

53
/**
54
 * Parse scrypt parameters from encoded bytes
55
 * @param data - Encoded scrypt data
56
 * @returns Parsed scrypt parameters
57
 */
58
function scryptFromU8a(data: Uint8Array): { salt: Uint8Array; N: number; r: number; p: number; dkLen: number };
59

60
/**
61
 * Encode scrypt parameters to bytes
62
 * @param salt - Salt bytes
63
 * @param N - CPU/memory cost parameter
64
 * @param r - Block size parameter
65
 * @param p - Parallelization parameter
66
 * @param dkLen - Derived key length
67
 * @returns Encoded parameters
68
 */
69
function scryptToU8a(salt: Uint8Array, N: number, r: number, p: number, dkLen: number): Uint8Array;
70
```
71

72
**Usage Example:**
73

74
```typescript
75
import { scryptEncode, scryptFromU8a, scryptToU8a } from "@polkadot/util-crypto";
76

77
const passphrase = "secure-password";
78
const salt = new Uint8Array(32);
79
crypto.getRandomValues(salt);
80

81
// High-security scrypt parameters
82
const key = scryptEncode(passphrase, salt, 32768, 8, 1, 32);
83

84
// Encode parameters for storage
85
const params = scryptToU8a(salt, 32768, 8, 1, 32);
86

87
// Parse parameters back
88
const parsed = scryptFromU8a(params);
89
console.log(parsed.N); // 32768
90
```
91

92
## Algorithm Comparison
93

94
| Algorithm | Security | Speed | Memory Usage | Use Case |
95
|-----------|----------|-------|--------------|----------|
96
| PBKDF2 | Good | Fast | Low | General password hashing |
97
| Scrypt | Excellent | Slower | High | High-security applications |
98
99
## Security Recommendations
100

101
- **Salt**: Always use random, unique salts for each password
102
- **Iterations**: Use high iteration counts balanced with performance needs
103
- **Memory**: Scrypt's memory hardness provides better protection against ASICs
104
- **Storage**: Store salt and parameters alongside derived keys
105
- **Updates**: Periodically increase iteration counts as hardware improves