On 18.06.2012, at 19:42, Pierre Joye wrote: >>>> It is BSD-licensed, so we can easily bundle it with PHP >>> >>> Maybe nice to have in pecl.' >> >> Sure, that's an option, but pecl won't help php to have default >> "state-of-art" password hashing toolset ;) > > There is sadly only state-of-art-right-now password hashing methods. > We have to keep that in mind :)
Sure. but SCrypt is tuneable. One can increase both CPU and RAM complexity and CPU complexity is set as function of time. Which means, that if one upgrades CPU in his server, while leaving settings the same complexity will increase automatically. This feature makes it future-proof to some degree. Well… until quantum computers become ubiquitous ;) -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
