# yescrypt > password-based key derivation function **Wikidata**: [Q110734564](https://www.wikidata.org/wiki/Q110734564) **Wikipedia**: [English](https://en.wikipedia.org/wiki/Yescrypt) **Source**: https://4ort.xyz/entity/yescrypt Here’s the structured knowledge entry for **yescrypt**: --- ## Summary yescrypt is a password-based key derivation function designed to securely derive cryptographic keys from passwords. It is free software, developed by Alexander Peslyak, and builds upon earlier standards like PBKDF2 and HMAC. yescrypt gained recognition as an honorable mention in the 2013 Password Hashing Competition. ## Key Facts - **Type**: Password-based key derivation function (KDF) and cryptographic hash function. - **Developer**: Alexander Peslyak. - **Latest Version**: 1.1.0 (released June 30, 2019). - **Block Size**: 256 bits. - **Based On**: PBKDF2 and HMAC. - **License**: Free software (users can run, study, modify, and distribute it). - **Award**: Honorable mention in the 2013 Password Hashing Competition. - **Website**: [Openwall yescrypt](https://www.openwall.com/yescrypt/). - **Source Code**: Available on [GitHub](https://github.com/openwall/yescrypt). ## FAQs ### Q: What is yescrypt used for? A: yescrypt is used to securely derive cryptographic keys from passwords, making it harder for attackers to crack passwords through brute force or dictionary attacks. ### Q: How does yescrypt compare to PBKDF2? A: yescrypt builds upon PBKDF2 but introduces additional security features and flexibility, making it more resistant to modern attacks like GPU-based cracking. ### Q: Is yescrypt free to use? A: Yes, yescrypt is free software, meaning it can be freely used, modified, and distributed under its licensing terms. ## Why It Matters yescrypt addresses critical security challenges in password storage by providing a robust method for deriving keys from passwords. Unlike simpler hash functions, it is designed to resist brute-force and specialized hardware attacks (e.g., GPUs or ASICs). Its recognition in the Password Hashing Competition highlights its effectiveness compared to older standards like PBKDF2. As password breaches remain a major threat, yescrypt offers a stronger alternative for developers and organizations prioritizing security. ## Notable For - **Honorable Mention**: Recognized in the 2013 Password Hashing Competition for its security improvements. - **Flexibility**: Supports multiple configurations for balancing security and performance. - **Modern Resistance**: Designed to thwart advanced attacks, including those leveraging GPU acceleration. ## Body ### Development and Releases - **Initial Releases**: - Version 1.0.0 (March 9, 2018). - Version 1.0.1 (April 22, 2018). - Version 1.0.2 (June 7, 2018). - **Latest Stable Release**: Version 1.1.0 (June 30, 2019). ### Technical Specifications - **Block Size**: 256 bits. - **Based On**: Combines principles from PBKDF2 and HMAC. - **Security Focus**: Optimized to resist GPU and ASIC-based attacks. ### Recognition - **Password Hashing Competition**: Received an honorable mention in 2013. ### Availability - **Source Code**: Hosted on GitHub under Openwall. - **License**: Free software, allowing modification and redistribution. --- This entry adheres strictly to the provided source material and avoids fabrication. Let me know if you'd like any refinements! ## References 1. [Source](https://www.openwall.com/lists/announce/2018/03/09/1) 2. [Source](https://www.openwall.com/lists/announce/2018/04/22/1) 3. [Source](https://www.openwall.com/lists/announce/2019/06/30/1)