# Argon2

## PHC

[spec](https://password-hashing.net/)

In order to understand *hex* and *type* parameters read [HASH](https://github.com/liesware/coherence/wiki/Hash)

### Argon2

[spec](https://github.com/P-H-C/phc-winner-argon2)

Description: Password hashing winner of PHC.

Outputs: Variable

Uses: Highest resistance against GPU cracking attacks, safest against side-channel attacks.

## How to ???

```python
import requests
import json
import os,binascii

def sending(message):
    url = 'http://127.0.0.1:6613/'
    response=requests.post(url, data=message)
    print response.content
        return response.content


def argon(data_js):
    req=json.loads(data_js)
    print "Hash passwd \n " + json.dumps(req) +"\n"
    data_js_n=sending(json.dumps(req))
    answ=json.loads(data_js_n)
    print "Recived Argon2 hash: \n" + (json.dumps(answ)) +"\n\n\n"
    verify= '{ "version": 1 , "algorithm":"ARGON2" ,"family":"argon2i","plaintext": "Hello world!","hex":0,"pwd":"", "operation":"verify"}';
    req=json.loads(verify)
    req["pwd"]=answ["hash"]
    print "Verify passwd \n " + json.dumps(req) +"\n"
    data_js_n=sending(json.dumps(req))
    answ_1=json.loads(data_js_n)
    print "Recived Argon verification: \n" + (json.dumps(answ_1)) +"\n\n\n"


argon2_js='{ "version": 1 , "algorithm":"ARGON2" ,"family":"argon2i","plaintext": "Hello world!","t_cost":10,"m_cost":16,"parallelism":4,\
"salt":"ABABABABABABABABABABABABABABABAB","hashlen":32, "hex":0, "operation":"hash"}'

argon(argon2_js)
```

In this example We generate hash and validate password with argon2i from string *Hello world!* with t\_cost, m\_cost, parallelism and salt parameters given.

In order to understand t\_cost, m\_cost, parallelism and salt parameters, please read [spec](https://github.com/P-H-C/phc-winner-argon2).

* On *argon2\_js\["family"]* can be one of *{argon2i, argon2d, argon2id}*
* On *argon2\_js\["operation"]* can be *{hash, verify}*
* ARGON2 only supports *"type":"string"*

Json to hash

```javascript
{ "version": 1 , "algorithm":"ARGON2" ,"family":"argon2 flavor",
"plaintext": "your password","t_cost":INT,"m_cost":INT,"parallelism":INT,
"salt":"hex string","hashlen":INT, "hex": BOOL, "operation":"hash"}
```

Json to verify

```javascript
{ "version": 1 , "algorithm":"ARGON2" ,"family":"argon2 flavor",
"plaintext": "your password","hex":BOOL,"pwd":"Hex (hash arong2 string) ", 
"operation":"verify"}
```

In this tutorial We are protecting user's credentials with TLS and Argon2. It means the information is protected in motion, at rest, in use. [End to end user credentials protection](https://scotch.io/@liesware/end-to-end-user-credentials-protection)