I have been thinking about a possible algorithm for key derivation, for use with brainwallets and so forth:
import hashlib
def derivekey(passphrase,rounds=1024):
def getdigest(x):
return hashlib.sha256(x).digest()
concatenation=getdigest(passphrase)
for i in range(rounds):
result=getdigest(concatenation)
concatenation=result+concatenation
return result
print derivekey('this is a test').encode('hex')
It simply applies sha256 a bunch of times while prepending results to expand the size, with the final result being based on the whole series (as is the case with each intermediate result).
This is an extremely simple algorithm, but as far as I can tell it seems to be just as useful as scrypt (which is more complex). The succession of digests each rely on the presence of the past ones, so it has to be done sequentially, and has to use up memory.
Am I missing something critical here?