| -rw-r--r-- | Documentation/MANPAGE.md | 33 | ||||
| -rw-r--r-- | internal/configfile/scrypt_test.go | 75 | 
2 files changed, 61 insertions, 47 deletions
diff --git a/Documentation/MANPAGE.md b/Documentation/MANPAGE.md index 45c60c6..47092cf 100644 --- a/Documentation/MANPAGE.md +++ b/Documentation/MANPAGE.md @@ -563,15 +563,44 @@ Quiet - silence informational messages.  Applies to: all actions.  #### -scryptn int -scrypt cost parameter expressed as scryptn=log2(N). Possible values are -10 to 28, representing N=2^10 to N=2^28. +gocryptfs uses *scrypt* for hashing the password when mounting, +which protects from brute-force attacks. + +`-scryptn` controls the *scrypt* cost parameter "N" expressed as scryptn=log2(N). +Possible values are `-scryptn=10` to `-scryptn=28`, representing N=2^10 to N=2^28.  Setting this to a lower  value speeds up mounting and reduces its memory needs, but makes  the password susceptible to brute-force attacks. The default is 16. +The memory usage for *scrypt* during mounting is as follows: + +    scryptn     Memory Usage   +    =======     ============ +    10          1   MiB +    11          2  +    12          4  +    13          8  +    14          16   +    15          32   +    16          64   +    17          128  +    18          256  +    19          512  +    20          1   GiB +    21          2  +    22          4  +    23          8  +    24          16   +    25          32   +    26          64   +    27          128  +    28          256  +  Applies to: `-init`, `-passwd` +See also: the benchmarks in the gocryptfs source code in internal/configfile. +  #### -trace string  Write execution trace to file. View the trace using "go tool trace FILE". diff --git a/internal/configfile/scrypt_test.go b/internal/configfile/scrypt_test.go index 30f37a1..1c90c0a 100644 --- a/internal/configfile/scrypt_test.go +++ b/internal/configfile/scrypt_test.go 
@@ -1,60 +1,45 @@  package configfile  import ( +	"fmt"  	"testing"  )  /* -Results on a 2.7GHz Pentium G630: - -gocryptfs/cryptfs$ go test -bench=. +$ time go test -bench . -run none +goos: linux +goarch: amd64 +pkg: github.com/rfjakob/gocryptfs/v2/internal/configfile +cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz +BenchmarkScryptN/10-4         	     339	   3488649 ns/op	 1053167 B/op	      22 allocs/op ... 3ms+1MiB +BenchmarkScryptN/11-4         	     175	   6816072 ns/op	 2101742 B/op	      22 allocs/op +BenchmarkScryptN/12-4         	      87	  13659346 ns/op	 4198898 B/op	      22 allocs/op +BenchmarkScryptN/13-4         	      43	  27443071 ns/op	 8393209 B/op	      22 allocs/op +BenchmarkScryptN/14-4         	      21	  56931664 ns/op	16781820 B/op	      22 allocs/op +BenchmarkScryptN/15-4         	      10	 108494502 ns/op	33559027 B/op	      22 allocs/op +BenchmarkScryptN/16-4         	       5	 217347137 ns/op	67113465 B/op	      22 allocs/op  ... 217ms+67MiB +BenchmarkScryptN/17-4         	       3	 449680138 ns/op	134222362 B/op	      22 allocs/op +BenchmarkScryptN/18-4         	       2	 867481653 ns/op	268440064 B/op	      22 allocs/op +BenchmarkScryptN/19-4         	       1	1738085333 ns/op	536875536 B/op	      23 allocs/op +BenchmarkScryptN/20-4         	       1	3508224867 ns/op	1073746448 B/op	      23 allocs/op +BenchmarkScryptN/21-4         	       1	9536561994 ns/op	2147488272 B/op	      23 allocs/op +BenchmarkScryptN/22-4         	       1	16937072495 ns/op	4294971920 B/op	      23 allocs/op  PASS -BenchmarkScrypt10-2	     300	   6021435 ns/op ... 6ms -BenchmarkScrypt11-2	     100	  11861460 ns/op -BenchmarkScrypt12-2	     100	  23420822 ns/op -BenchmarkScrypt13-2	      30	  47666518 ns/op -BenchmarkScrypt14-2	      20	  92561590 ns/op ... 92ms -BenchmarkScrypt15-2	      10	 183971593 ns/op -BenchmarkScrypt16-2	       3	 368506365 ns/op -BenchmarkScrypt17-2	       2	 755502608 ns/op ... 
755ms -ok  	github.com/rfjakob/gocryptfs/v2/cryptfs	18.772s +ok  	github.com/rfjakob/gocryptfs/v2/internal/configfile	47.545s  */ -func benchmarkScryptN(n int, b *testing.B) { +func BenchmarkScryptN(b *testing.B) { +	for n := 10; n <= 20; n++ { +		b.Run(fmt.Sprintf("%d", n), func(b *testing.B) { +			benchmarkScryptN(b, n) +		}) +	} +} + +func benchmarkScryptN(b *testing.B, n int) {  	kdf := NewScryptKDF(n)  	for i := 0; i < b.N; i++ {  		kdf.DeriveKey(testPw)  	} -} - -func BenchmarkScrypt10(b *testing.B) { -	benchmarkScryptN(10, b) -} - -func BenchmarkScrypt11(b *testing.B) { -	benchmarkScryptN(11, b) -} - -func BenchmarkScrypt12(b *testing.B) { -	benchmarkScryptN(12, b) -} - -func BenchmarkScrypt13(b *testing.B) { -	benchmarkScryptN(13, b) -} - -func BenchmarkScrypt14(b *testing.B) { -	benchmarkScryptN(14, b) -} - -func BenchmarkScrypt15(b *testing.B) { -	benchmarkScryptN(15, b) -} - -func BenchmarkScrypt16(b *testing.B) { -	benchmarkScryptN(16, b) -} - -func BenchmarkScrypt17(b *testing.B) { -	benchmarkScryptN(17, b) +	b.ReportAllocs()  }  | 
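Review bot: The results pasted into the comment list `BenchmarkScryptN/21` and `BenchmarkScryptN/22`, but the loop in `BenchmarkScryptN` stops at `n <= 20`, so the documented command `go test -bench . -run none` cannot reproduce those two rows. Since these figures back the memory table in the man page that users consult when choosing a KDF cost, either raise the bound or add a line to the comment block such as `21 and 22 were measured with the loop bound temporarily raised to 22 (needs 2-4 GiB of RAM)`. In `benchmarkScryptN`, `b.ReportAllocs()` is placed after the timed loop; it still takes effect there, but the conventional position is the first statement of the function, where a reader sees it before the loop. A `b.ResetTimer()` after `NewScryptKDF(n)` would also keep whatever setup the constructor does out of the ns/op figure. Finally, `strconv.Itoa(n)` is the simpler way to build the sub-benchmark name than `fmt.Sprintf("%d", n)`.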
