Argon2::Simple

Argon2::Simple provides a wrapper around Argon2. It simplifies the process of creating password hashes and checking submitted passwords against those hashes.

To hash a password, use the hash method:

pw_clear = 'my password'
hashed = Argon2::Simple.hash(pw_clear)
puts hashed  # => $argon2i$v=19$m=65536,t=2,p=1$K4BXPfBeuZSnqxia/abuRQ$0+jibsWcClNY+HHSXxQlsEi/RboEScY8XM5mh4ehFlA

To check a submitted password against the hash, use the check method:

# check against clear password
puts Argon2::Simple.check(pw_clear, hashed) # => true

# check against incorrect password
puts Argon2::Simple.check('whatever', hashed) # => false

Because Argon2 is one of the most secure hashing algorithms in the world, it is also one of the slowest. To speed things up, Argon2::Simple caches successful password checks. This benefits applications that tend to get the same successful passwords repeatedly, such as a web site that stores an authentication token in a cookie.

By default, Argon2::Simple caches the last 100 successful passwords. You can change that limit with the reset method. So, for example, to set it to 1,000:

Argon2::Simple.reset 1000

To turn off caching, reset with 0:

Argon2::Simple.reset 0

The following test shows the advantage of caching. The test is run first with the default caching of 100, then with no caching.

require 'benchmark'

# Hash one password, then time 100 checks of it against that hash.
def tester
   pw_clear = 'my password'
   hashed = Argon2::Simple.hash(pw_clear)

   puts Benchmark.measure {
      100.times do
         Argon2::Simple.check(pw_clear, hashed)
      end
   }
end

tester()                # run with default cache
Argon2::Simple.reset 0  # turn off caching
tester()                # run without cache

That outputs benchmarks something like this:

 0.210000   0.050000   0.260000 (  0.277293)
22.040000   4.240000  26.280000 ( 26.440273)

So for just 100 checks, the time went from about 1/20 of a second to over 4 seconds. Obviously, if your application tends to get a lot of incorrect passwords then the cache doesn't help. I'm thinking of adding the feature that it can also cache unsuccessful authentication attempts. Let me know if that would be helpful.
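The trade-off in a cache like this is that a hit skips the expensive Argon2 computation, so what the cache stores and what it is keyed on matter. The sketch below is an added example, not Argon2::Simple's own code: `SuccessCache`, `slow_hash` and `slow_verify` are hypothetical names, and PBKDF2 from the standard library stands in for Argon2 so the block runs without the gem.

```ruby
require 'openssl'
require 'securerandom'

# Hypothetical class for illustration; not Argon2::Simple's implementation.
class SuccessCache
  def initialize(limit = 100)
    @limit = limit                         # 0 disables caching
    @key   = SecureRandom.random_bytes(32) # per-process secret, never persisted
    @seen  = {}                            # Ruby hashes keep insertion order
  end

  # The block is the slow verifier; it runs only on a cache miss.
  def check(password, hashed)
    return yield(password, hashed) if @limit.zero?
    tag = fingerprint(password, hashed)
    if @seen.delete(tag)                   # hit: re-insert as most recent
      @seen[tag] = true
      return true
    end
    ok = yield(password, hashed)
    if ok                                  # failures are never remembered
      @seen[tag] = true
      @seen.shift while @seen.size > @limit # evict least recently used
    end
    ok
  end

  def size
    @seen.size
  end

  private

  # Keyed on the stored hash AND the password: a cached success for one
  # hash can never satisfy another, and no clear password is retained.
  def fingerprint(password, hashed)
    OpenSSL::HMAC.digest('SHA256', @key,
                         [hashed.bytesize].pack('N') + hashed.b + password.b)
  end
end

# Constructed stand-in for the slow Argon2 check (PBKDF2 from the stdlib).
def slow_hash(pw)
  OpenSSL::PKCS5.pbkdf2_hmac(pw, 'constructed-salt', 20_000, 32, 'sha256').unpack1('H*')
end

def slow_verify(pw, hashed)
  a = slow_hash(pw).bytes
  b = hashed.bytes
  a.size == b.size && a.zip(b).reduce(0) { |d, (x, y)| d | (x ^ y) }.zero?
end
```

Because the stored hash is part of the cache key, changing a user's password (and therefore the hash) makes the old entry unreachable without any explicit invalidation.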

Install

gem install argon2-simple

Author

Mike O'Sullivan

History

version   date           notes
0.0.2     Nov 10, 2018   Initial upload.