From 204711e5dbebf6f5c216ae2599fbac3119fe18c3 Mon Sep 17 00:00:00 2001
From: akwizgran <michael@briarproject.org>
Date: Fri, 19 Jan 2018 10:58:45 +0000
Subject: [PATCH] Reduce minimum scrypt cost for low-end devices.

---
 .../org/briarproject/bramble/crypto/ScryptKdf.java     |  2 +-
 .../org/briarproject/bramble/crypto/ScryptKdfTest.java | 10 ++++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/bramble-core/src/main/java/org/briarproject/bramble/crypto/ScryptKdf.java b/bramble-core/src/main/java/org/briarproject/bramble/crypto/ScryptKdf.java
index b5cec69061..b3e567323a 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/ScryptKdf.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/ScryptKdf.java
@@ -16,7 +16,7 @@ class ScryptKdf implements PasswordBasedKdf {
 	private static final Logger LOG =
 			Logger.getLogger(ScryptKdf.class.getName());
 
-	private static final int MIN_COST = 512; // Min parameter N
+	private static final int MIN_COST = 256; // Min parameter N
 	private static final int MAX_COST = 1024 * 1024; // Max parameter N
 	private static final int BLOCK_SIZE = 8; // Parameter r
 	private static final int PARALLELIZATION = 1; // Parameter p
diff --git a/bramble-core/src/test/java/org/briarproject/bramble/crypto/ScryptKdfTest.java b/bramble-core/src/test/java/org/briarproject/bramble/crypto/ScryptKdfTest.java
index d539252455..f7cbfe05ec 100644
--- a/bramble-core/src/test/java/org/briarproject/bramble/crypto/ScryptKdfTest.java
+++ b/bramble-core/src/test/java/org/briarproject/bramble/crypto/ScryptKdfTest.java
@@ -56,6 +56,7 @@ public class ScryptKdfTest extends BrambleTestCase {
 	@Test
 	public void testCalibration() throws Exception {
 		Clock clock = new ArrayClock(
+				0, 50, // Duration for cost 256
 				0, 100, // Duration for cost 512
 				0, 200, // Duration for cost 1024
 				0, 400, // Duration for cost 2048
@@ -65,6 +66,15 @@ public class ScryptKdfTest extends BrambleTestCase {
 		assertEquals(4096, kdf.chooseCostParameter());
 	}
 
+	@Test
+	public void testCalibrationChoosesMinCost() throws Exception {
+		Clock clock = new ArrayClock(
+				0, 2000 // Duration for cost 256 is already too high
+		);
+		PasswordBasedKdf kdf = new ScryptKdf(clock);
+		assertEquals(256, kdf.chooseCostParameter());
+	}
+
 	private static class ArrayClock implements Clock {
 
 		private final long[] times;
-- 
GitLab