I've been using the library and I really like it, but from what I have read PBKDF2 is a bit more vulnerable to brute force attacks than bcrypt or scrypt. I came across this issue about adding scrypt support, but there doesn't seem to be a clear answer.
Ideally, I would like to simply drop in a replacement for the PBKDF2 functionality, but I'm not familiar enough with SJCL's inner workings to know if this is possible.
If it was possible, you could use something like this pure JS bcrypt implementation fairly easily I would imagine.
Yes that is possible but needs more manual work. First you need to compile sjcl with scrypt:
./configure --with-scrypt
make
Then you will have to use scrypt to generate a key pair:
var salt = sjcl.random.randomWords(2,0);
var key = sjcl.misc.scrypt(password, salt);
var encrypted = sjcl.json.encrypt(key, original);
var decrypted = sjcl.json.decrypt(key, encrypted);