# Cryptography
A brief overview of the used cryptography
# General
All cryptography is based on https://nacl.cr.yp.to
Public Key cryptography is based on: Curve25519 + XSalsa20 + Poly1305
For our client we are using ecma-nacl a JavaScript implementation of NaCl.
Our server uses PyNaCl
As our "authkey derivation function" users scrypt we also have a scrypt library in our server scrypt and client (already part of ecma-nacl).
The authkey is generated by the following algorithm:
var generate_authkey = function (username, password) {
var salt = sha512(username.toLowerCase());
var u = 14; // 2^14 = 16MB
var r = 8;
var p = 1;
var l = 64; // 64 Bytes = 512 Bits
var authkey = to_hex(scrypt(encode_utf8(password), salt, u, r, p, l));
return authkey;
};