| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <511EB339.5060907@gmail.com> Date: Fri, 15 Feb 2013 14:14:17 -0800 From: ravin wind <ravinwinddce@...il.com> To: discussions@...sword-hashing.net Subject: Re: [PHC] FAQ On 02/15/2013 01:45 PM, Jean-Philippe Aumasson wrote: > Hi, welcome to our discussions mailing list! > > Earlier today we published an FAQ page, with only 1 Q&A so far > (https://password-hashing.net/faq.html). What other questions would > you like to see there? > > > Thanks! > > > JP On 02/15/2013 01:45 PM, Jean-Philippe Aumasson wrote: > Hi, welcome to our discussions mailing list! > > Earlier today we published an FAQ page, with only 1 Q&A so far > (https://password-hashing.net/faq.html). What other questions would > you like to see there? > > > Thanks! > > > JP I assume memory-hard problems are in play. Example: SHA-256 hashing and filling the whole 4GB memory space with PRN to derive the next address in memory, add a 128-bit salt, repeat hash again, and so on. Thus overcoming low-memory requirements of PBKDF2 and forcing the use of the whole memory. Pipelined FPGA, parallel CPUs or GPUs can't then be used. Clustering will not work. A Critical-Path is formed due to mixing with the password key (hashed 44-64 character Yubikey) at each hashing. Whole memory space must always be filled to get the next hash correct. Memory jumps will seem random. Scrypt comes to mind.
Powered by blists - more mailing lists