Module to provide statistics for the Argon2 password hashing function.

The report/1 function in this module can be used to help you configure Argon2.

Configuration

The following four parameters can be set in the config file (these can all be overridden using keyword options):

• t_cost - time cost
  • the amount of computation, given in number of iterations
  • 3 is the default
• m_cost - memory usage
  • 16 is the default - this will produce a memory usage of 64 MiB (2 ^ 16 KiB)
• parallelism - number of parallel threads
  • 4 is the default
• argon2_type - argon2 variant to use
  • 0 (Argon2d), 1 (Argon2i) or 2 (Argon2id)
  • 2 is the default (Argon2id)

It is important to note that the default values are not necessarily the recommended values. A lot will depend on what hardware you are using and how much time you want the hashing function to take. See the Choosing parameters section for more details.

Test values

The following values can be used to speed up tests.

config :argon2_elixir,
  t_cost: 1,
  m_cost: 8

NB. do not use these values in production.

Choosing parameters

The following is a guide on how to choose the parameters.

1. Decide which type to use. If you do not know the difference between the types, choose Argon2id.
2. Decide how many threads to use - the parallelism option.
3. Decide how much memory each call should use - m_cost.
4. Decide how much time each call should take. a. The Argon2 draft guidelines recommend 500 milliseconds (0.5 seconds).
5. Run the function using the values chosen in steps 1-3. Work out the maximum t_cost (number of iterations) such that the running time does not exceed the value chosen in step 4. If the time taken exceeds the value chosen in step 4 even for one iteration, reduce the m_cost accordingly.