Hash password/salt/etc

Provide one functions that generates a 256bit key from variable-length input.


void hash_soak(void *dst, const void *src, u64 slen);

dst is the 256bit key to be generated, src is a byte array of all inputs, slen is the source length in bytes.

Evaluation

For performance, the function is called 4094 times with source sizes of 1 to 4096. Total execution time for all 4096 calls determines the winner.

For security, this function should have all the attributes of a cryptographic hash function. If there is no faster way to find collisions or determine the input based on the output than brute force, the candidate is considered barely secure.

Rationale

For something like disk encryption or scrypt, we ultimately derive an encryption key from a user password and hopefully some other factors like a salt. Therefore we need some way to extract all the entropy we can to generate a decent encryption key.

Nothing stops users from providing weak passwords. But we should extract all entropy we are provided into a 256bit key.