What are relatively secure parameters {N, r, p} to use for Scrypt? Particularly the p parameter. Apparently any positive integer for p is valid, but with p=1, the algorithm never touches ROMix, correct? Is that section of the algorithm completely optional so long as N and r are sufficiently large?
Mainly I'm asking in regards to using Scrypt for hashing passwords.
References: tools.ietf.org/html/rfc7914
EDIT: Additionally, although I'd like to be as secure as possible, assuming the hashing will be run on a relatively cheap VPS, which parameters would be feasible for a variety of given user populations?
No responses yet.