antigone

Argon2 is the winner of the Password Hashing Competition (PHC).

Argon2 is a memory-hard password hashing function which can be used to hash passwords for credential storage, key derivation, or other applications.

Argon2 has the following three variants (Argon2id is the default):

Argon2d - suitable for applications with no threats from side-channel timing attacks (eg. cryptocurrencies)
Argon2i - suitable for password hashing and password-based key derivation
Argon2id - a hybrid of Argon2d and Argon2i

Argon2i, Argon2d, and Argon2id are parametrized by:

A time cost, which defines the amount of computation realized and therefore the execution time, given in number of iterations
A memory cost, which defines the memory usage, given in kibibytes
A parallelism degree, which defines the number of parallel threads

More information can be found at the Argon2 reference C implementation repository and in the documentation for the elixir_argon2 package.

Comparison with Bcrypt / Pbkdf2

Argon2 has better password cracking resistance than Bcrypt and Pbkdf2. Its main advantage is that, as it is a memory-hard function, it is designed to withstand parallel attacks that use GPUs or other dedicated hardware.

Types

Argon2Type

</>

pub type Argon2Type {
  Argon2d
  Argon2i
  Argon2id
}

Constructors

```
Argon2d
```
Suitable for applications with no threats from side-channel timing attacks (eg. cryptocurrencies)
```
Argon2i
```
Suitable for password hashing and password-based key derivation.
```
Argon2id
```
A hybrid of Argon2d and Argon2i. The default type.

Hasher

opaque </>

pub opaque type Hasher

Functions

argon2_type

</>

pub fn argon2_type(
  hasher: Hasher,
  argon2_type: Argon2Type,
) -> Hasher

The Argon2 type to use. The default is Argon2id.

fake_verify

</>

pub fn fake_verify(hasher: Hasher) -> Nil

Runs the password hash function but doesn’t return any data.

This function is intended to make it more difficult for any potential attacker to find valid usernames by using timing attacks. This function is only useful if it is used as part of a policy of hiding usernames.

hash

</>

pub fn hash(hasher: Hasher, data: BitArray) -> String

Hash the given data with a randomly generated salt.

hash_length

</>

pub fn hash_length(hasher: Hasher, hash_length: Int) -> Hasher

The length of the hash in bytes.

hasher

</>

pub fn hasher() -> Hasher

Create a new hasher with the default configuration. This can then be optionally configured with the various functions of this module, and then used to hash data with the hash function.

memory_cost

</>

pub fn memory_cost(hasher: Hasher, memory_cost: Int) -> Hasher

The memory usage cost, given in kibibytes.

The default value is 16, this will produce a memory usage of 64 MiB (2 ^ 16 KiB). In your tests you may to decrease this value to 8 so your tests will use less memory. You must not decrease this value in production.

parallelism

</>

pub fn parallelism(hasher: Hasher, parallelism: Int) -> Hasher

The number of threads that the algorithm will use.

The default value is 4.

time_cost

</>

pub fn time_cost(hasher: Hasher, time_cost: Int) -> Hasher

The time cost is the number of iterations that the algorithm will perform.

The default value is 3. In your tests you may to decrease this value to 1 so your tests run faster. You must not decrease this value in production.

verify

</>

pub fn verify(data: BitArray, hash: String) -> Bool

Verify in constant time that the given data matches the given hash.