Yescrypt
yescrypt is a cryptographic key derivation function used for password hashing on Fedora Linux,[1] Debian,[2] Ubuntu,[3] and Arch Linux.[4] The function is more resistant to offline password-cracking attacks than SHA-512.[5] It is based on scrypt.[5]
Yescrypt is a scalable password hashing function and key derivation function (KDF) designed by Alexander Peslyak, also known as Solar Designer, to be highly resistant to hardware-accelerated brute-force attacks. As an evolution of the scrypt algorithm, it introduces enhanced memory-hardness and "strongly sequential" processing, which effectively thwarts large-scale cracking attempts using GPUs, FPGAs, and ASICs. Because computing a single hash requires a substantial amount of RAM, attackers are forced to use traditional, memory-expensive computing methods rather than parallelized hardware. Due to its robust security profile and ability to scale with modern hardware advancements, it has been adopted as the default password hashing scheme for several major Linux distributions, including Debian, Ubuntu, and Fedora, where its hashes are identifiable in the /etc/shadow file by the $y$ prefix.
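The $y$ prefix makes it possible to audit which accounts still carry hashes from an older scheme. The following is an added example, not code from the yescrypt project or any distribution: it classifies shadow entries by their crypt(5) prefix, and the sample entries, salts and hashes in it are constructed placeholders.

```python
# Added example: classify /etc/shadow entries by crypt(5) scheme prefix.
# SAMPLE_SHADOW is constructed; salts and hashes are placeholders.
SCHEMES = {
    "y": "yescrypt", "gy": "gost-yescrypt", "7": "scrypt",
    "6": "sha512crypt", "5": "sha256crypt", "1": "md5crypt",
    "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
}
SAMPLE_SHADOW = """\
alice:$y$j9T$SALTPLACEHOLDER$HASHPLACEHOLDER:19800:0:99999:7:::
bob:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:19000:0:99999:7:::
carol:!$y$j9T$SALTPLACEHOLDER$HASHPLACEHOLDER:19800:0:99999:7:::
daemon:*:19000:0:99999:7:::
guest::19000:0:99999:7:::
"""

def classify(field):
    """Return (scheme, locked) for the password field of a shadow entry."""
    locked = field.startswith("!")      # passwd -l prepends "!" to the hash
    body = field.lstrip("!")
    if body == "":
        return ("locked-no-hash" if locked else "empty-password", locked)
    if body == "*":
        return "no-login", True
    if not body.startswith("$"):
        return "des-or-unknown", locked  # no $id$ prefix at all
    scheme_id = body.split("$")[1]       # "$y$params$salt$hash" -> "y"
    return SCHEMES.get(scheme_id, "unknown"), locked

def audit(shadow_text):
    """Map each account name to (scheme, locked)."""
    result = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2 and fields[0]:
            result[fields[0]] = classify(fields[1])
    return result

def not_yescrypt(shadow_text):
    """Accounts that hold a real hash in a scheme other than yescrypt."""
    skip = {"yescrypt", "no-login", "locked-no-hash", "empty-password"}
    return sorted(u for u, (s, _) in audit(shadow_text).items() if s not in skip)

if __name__ == "__main__":
    for user, (scheme, locked) in audit(SAMPLE_SHADOW).items():
        print(f"{user:8} {scheme:15} locked={locked}")
    print("not yet on yescrypt:", not_yescrypt(SAMPLE_SHADOW))
```

Changing the system default does not rewrite stored hashes; an account listed by not_yescrypt keeps its old hash until its password is next set.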
See also
- crypt (C)
- Lyra2
- Password hashing
- Password Hashing Competition
References
- [1] "Changes/yescrypt as default hashing method for shadow". https://fedoraproject.org/wiki/Changes/yescrypt_as_default_hashing_method_for_shadow.
- [2] "Chapter 5. Issues to be aware of for bullseye". https://www.debian.com/releases/bullseye/mips64el/release-notes/ch-information.en.html#pam-default-password.
- [3] "yescript replaces sha512 for password hashing". http://skybert.net/debian-linux/yescript-replaces-sha512-for-password-hashing.
- [4] "Arch Linux - Changes to default password hashing algorithm and umask settings". https://archlinux.org/news/changes-to-default-password-hashing-algorithm-and-umask-settings.
- [5] "yescrypt". https://www.openwall.com/yescrypt.