Scrypt Hash Calculator
hash
All hashing runs in your browser. Data is never sent to any server.
Password Input
Verify Password
1. How to Use
- Enter your password in the input box.
- Set salt (or Random), N (16384 recommended), r, p, key length.
- Choose Salt format (UTF-8 to match other online Scrypt tools).
- Click 'Generate' and use Verify to test password against derived key.
- Store salt, N, r, p, and derived key for verification.
2. How It Works
Scrypt (RFC 7914) uses a large amount of memory. It builds a vector V of N blocks (each 128r bytes), then accesses them in a pseudo-random order. Memory usage ā 128Ā·NĀ·r bytes.
Steps: (1) PBKDF2 to get initial blocks. (2) ROMix: fill V with repeated BlockMix; then for each block, read from V at index (block XOR integer) and mix. (3) PBKDF2 on result to get final key.
BlockMix: Salsa20/8 core on each 64-byte block; blocks are permuted and XORed. ROMix ensures the entire V must be in memory to compute the result efficiently.
Parameters: N (CPU/memory cost, must be power of 2), r (block size), p (parallelism). Memory ā 128Nr. N=16384, r=8, p=1 ā ~16 MB.
3. About Scrypt
Scrypt is a memory-hard KDF (RFC 7914) used in many cryptocurrencies and Unix. It resists GPU and ASIC attacks by requiring large RAM.
This Scrypt hash calculator derives keys with configurable N, r, p. Salt format can be Auto (hex), Hex, or UTF-8 for cross-site verification.
All hashing runs in your browser.
4. Advantages
- Memory-hard: High RAM requirement limits parallel cracking.
- Standard: RFC 7914; used in Bitcoin (Litecoin), Unix.
- Configurable: N, r, p tune security and performance.
- Proven: In use since 2009.
5. Real-World Use Cases
- Cryptocurrency: Litecoin, many altcoins use Scrypt.
- Unix passwords: Some systems use Scrypt.
- Key derivation: When memory-hardness is desired.
- Password storage: Alternative to bcrypt/Argon2.