- COPYRIGHT AND LICENSE
Crypt::Passphrase::Argon2 - An Argon2 encoder for Crypt::Passphrase
This class implements an Argon2 encoder for Crypt::Passphrase. It is the recommended password encoder as of 2021.
The default settings are taken from the intermediate profile of libsodium's password hashing. You are highly encouraged to come up with your own settings: Crypt::Argon2 contains a
argon2-calibrate tool to assist you in this.
This creates a new Argon2 encoder, it takes named parameters that are all optional. Note that some defaults are likely to change at some point in the future, as computers get progressively more powerful and cryptoanalysis gets more advanced.
Maximum memory (in bytes) that may be used to compute the Argon2 hash. This currently defaults to 256 megabytes, but this number may change in any future version.
Maximum amount of time it may take to compute the Argon2 hash. This currently defaults to
3, but this number may change in any future version.
The number of lanes (and potentially threads) used for the hash. This defaults to
1, but this number may change in any future version.
The size of a hashed value. This defaults to 16 bytes, increasing it only makes sense if your passwords actually contain more than 128 bits of entropy.
The size of the salt. This defaults to 16 bytes, which should be more than enough for any use-case.
This choses the argon2 subtype. It defaults to
argon2id, and unless you know what you're doing you should probably keep it at that. This may change in any future version (but is unlikely to do so unless
argon2_idis cryptographically broken).
This is the default. It's a hybrid of
argon2dthat largely combines the advantages of both.
This is optimized against timing attacks, but more vulnerable against other cryptographic attacks. It must not be used with a
time_costlower than 3.
This is optimized for resistance to GPU cracking attacks but not against timing based side-channel attacks.
Note: there is no wrong or right configuration, it all depends on your own particular circumstances. I recommend using the algorithm described in Crypt::Argon2 to pick the right settings for you.
This hashes the passwords with argon2 according to the specified settings and a random salt (and will thus return a different result each time).
This returns true if the hash uses a different cipher or subtype, or if any of the parameters is lower that desired by the encoder.
This class supports the following crypt types:
This will check if a password matches an argon2 hash.
Leon Timmermans <email@example.com>
This software is copyright (c) 2021 by Leon Timmermans.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.