pub struct Argon2 {
pub m_cost: u32,
pub t_cost: u32,
pub p_cost: u32,
pub hash_length: u64,
pub algorithm: Algorithm,
pub version: Version,
}Expand description
Argon2 instance
§Parameters
m_cost- The memory cost in kibibytest_cost- Iteration costp_cost- Parallelizationhash_length- The length of the hash in bytesalgorithm- The algorithm to useversion- The version of the algorithm to use
By default it will use the Argon2id with a 64 byte hash length (maximum).
It is not recomended to change these specific values, they are fine for most use cases.
Generally speaking you don’t want to mess with the t_cost and p_cost parameters a lot.
§About the m_cost, t_cost and p_cost parameters
§m_cost
You should mostly adjust the m_cost if you really want to increase the security of the hash since this is
the major bottleneck for GPUs and ASICs.
Anything from 1024_000 and beyond is considered very secure, if you are paranoid you should increase it
to the max physical RAM of the machine this hash will be computed on.
§t_cost
For most use cases a good value is between 8 and 30.
Increasing the t_cost will increase the time it takes to compute the hash linearly.
For example if the hash takes 10 seconds to compute with t_cost set to 8 and you increase it to 16 it will take roughly twice the time.
§p_cost
For max security the p_cost should be set to 1.
Increasing the p_cost will decrease the time it takes to compute the hash linearly.
For example if the hash takes 10 seconds to compute with p_cost set to 1 and you increase it to 2 it will take roughly half the time.
Keep in mind increasing the p_cost beyond the machine’s physical cores will not increase the speed of the hash computation
but in case of a brute-force attack the attacker will be able to use more cores to compute the hash and thus giving him leverage.
§Presets
There are some presets for the Argon2 struct that you can use.
Argon2::very_fast()Argon2::fast()Argon2::balanced()Argon2::slow()Argon2::very_slow()
Fields§
§m_cost: u32§t_cost: u32§p_cost: u32§hash_length: u64§algorithm: AlgorithmBy default we use the Argon2id
version: VersionBy default we use the version 0x13
Implementations§
Source§impl Argon2
impl Argon2
Sourcepub fn new(m_cost: u32, t_cost: u32, p_cost: u32) -> Self
pub fn new(m_cost: u32, t_cost: u32, p_cost: u32) -> Self
Create a new Argon2 instance with the given parameters.
By default it will use the Argon2id with a 64 byte hash length.
§Arguments
m_cost- The memory cost in kibibytest_cost- Iteration costp_cost- Parallelization
Examples found in repository?
3fn main() {
4 let m_cost = 512_000;
5 let t_cost = 8;
6 let p_cost = 1;
7
8 let argon2 = Argon2::new(m_cost, t_cost, p_cost);
9 let salt = vec![1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16];
10
11 let time = std::time::Instant::now();
12 let hash = argon2.hash_password("password", salt).unwrap();
13 println!("Hash: {:?}", hash);
14 println!("Time to compute: {}secs", time.elapsed().as_secs_f32());
15}pub fn with_algorithm(self, algorithm: Algorithm) -> Self
pub fn with_version(self, version: Version) -> Self
pub fn with_hash_length(self, hash_length: u64) -> Self
Sourcepub fn hash_password(
&self,
password: &str,
salt: Vec<u8>,
) -> Result<Vec<u8>, Error>
pub fn hash_password( &self, password: &str, salt: Vec<u8>, ) -> Result<Vec<u8>, Error>
Hashes the given password
§Arguments
password- The password to hashsalt- The salt to use for hashing
§Returns
The hash of the password in its raw byte form
Examples found in repository?
3fn main() {
4 let m_cost = 512_000;
5 let t_cost = 8;
6 let p_cost = 1;
7
8 let argon2 = Argon2::new(m_cost, t_cost, p_cost);
9 let salt = vec![1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16];
10
11 let time = std::time::Instant::now();
12 let hash = argon2.hash_password("password", salt).unwrap();
13 println!("Hash: {:?}", hash);
14 println!("Time to compute: {}secs", time.elapsed().as_secs_f32());
15}