scrypt version 1.1 released
In a post here last week, I announced the scrypt key derivation function and the availability of source code for both the key derivation function and a file encryption utility which used it. At that point, the scrypt encryption utility only ran on FreeBSD; after a week of struggling with autoconf, I am now happy to announce that version 1.1 of the scrypt code should now run on linux and other unix-like operating systems.I'd like to make scrypt as portable as possible, but I don't have access to a very wide range of systems to test with; so I'd like to ask my readers to help me with testing scrypt on non-FreeBSD systems. Please
- download the scrypt source code,
- verify the gpg signed SHA256 hash,
- extract the source code tarball,
- run ./configure && make,
- encrypt a file via ./scrypt enc origfile encryptedfile,
- decrypt the file via ./scrypt dec encryptedfile decryptedfile, and
- compare origfile and decryptedfile to confirm that the file was decrypted correctly.
- what sort of system (OS and hardware) you tried scrypt on,
- whether scrypt built and worked correctly, and
- if scrypt didn't work, what went wrong (e.g., what compiler errors were output).
In order to provide full disclosure: The next version of the tarsnap client code will be using scrypt, so I have an ulterior motive for wanting to check that the scrypt code is portable. That said, I think it's important for people to use strong cryptography, so I would want scrypt to be as portable as possible and usable as widely as possible even in the absence of tarsnap -- which is why scrypt is BSD licensed.
UPDATE: I coded a test for MAP_NOCORE backwards in version 1.1 of this code. This is fixed in version 1.1.1; if you tried version 1.1 and it failed with an error about MAP_NOCORE being undeclared, please download version 1.1.1 and try again (I've adjusted the links above).