| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 02 Mar 2015 12:19:00 -0300 From: Marcos Simplicio <mjunior@...c.usp.br> To: discussions@...sword-hashing.net Subject: Re: [PHC] Comparing speed of entries On 02-Mar-15 02:15, Ben Harris wrote: > On 2 March 2015 at 12:30, Bill Cox <waywardgeek@...il.com> wrote: > >> >> There seems to be some confusion about how to compare the speed of entries >> in the PHC. IMO, we should: >> >> - Compare entries when using the _same_ hash function, the same number of >> rounds, and the same number of threads. >> >> With this simple rule, it is easy to see that Yescrypt is the fastest, >> Lyra2 is the second fastest. >> >> > The comparisons are more difficult for the entries that aren't 'sequential > memory hard', e.g. Catena's lambda variable. I'd like to see a > normalisation of these entries to be the number of invocations of the hash > primitive. You then have two independent variables 'memory' and 'hash > invocations' and the dependent variable is 'time' or 'bandwidth'. > > Also looking at the numbers for the <= L1 and <= L2 memory sizes (for the > benchmarking machine). I do agree that some kind of normalisation is necessary for a fair comparison. We tried to consider the "number of invocations of the hash primitive" in our benchmarks of latest reference guide for Lyra2, so maybe Table 3 (page 57) may help on this task. The graphs are not normalized to the same hash function/number of rounds, though. I feel, that doing so may be reasonable when the scheme uses a "generic" hash function, but that may not be the case when one of the novelties of the proposal is the underlying hash itself... BR, Marcos.
Powered by blists - more mailing lists