It was invented by Colin Percival for the online service for protected storage of back up copies of Unix like operating systems in 2008.
The function was created in such a way that the encryption keys are used only on the user’s computer and the data changes incrementally (only the changes related to the latest condition are applied).
Moreover, the peculiarities of the function design make it more than difficult to conduct a brute force attack with PLD (programmable logic device).
A large amount of memory is needed to simply compute it. Nowadays scrypt is used in a variety of cryptocurrencies such as Litecoin, Dogecoin and others as a proof-of-work.
Password-based key derivation function is usually developed in such a way that it demands a considerable amount of time to compute. An authorised user has to compute the function only once.
But when trying to brute force a hacker will have to make billions of function calculations, hence its computational difficulty makes such an attack quite a money and time consuming effort.
Scrypt algorithm was developed to complicate hardware implementations through the increase of amount of resources needed for the calculation.
It uses significantly more RAM (random access memory) than any other PBKDF. In scrypt memory is used to store a large vector of pseudorandom bit strings that are generated as part of the algorithm.
Once the vector is generated, the elements of it are accessed in a pseudo-random order and combined to produce the derived key. Since the vector generating algorithm is known there is a realisation of scrypt that doesn’t demand such a vast amount of memory, when each element is generated on the fly as needed.
However, the calculation of the element is relatively complex and the elements are expected to be accessed many times throughout the execution of the scrypt function.
Scrypt was designed with such a balance between memory consumption and time that the realisations that do not use memory are too slow.
The execution speed of one scrypt operation with a standard processor is about 100 milliseconds with 32MB consumed memory.
Litecoin cryptocurrency uses such scrypt parameters that the memory consumption is roughly 128Kb. It is ten times faster to execute such scrypt on the video card that on the standard processor. Which explains why mining with the video graphics cards is so widespread.