lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 7 Aug 2013 02:39:25 -0500 (CDT)
From: Steve Thomas <steve@...tu.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] A (naively?) simple PHC submission using hash chains

> On August 7, 2013 at 1:52 AM Larry Bugbee <bugbee@....com> wrote:
>
> On Aug 6, 2013, at 11:34 PM, Marsh Ray wrote:
> > I didn't have much trouble reading Trevor Perrin's Python, but I note that
> > it didn't *actually* seem to be parallelizing over multiple threads. The
> > Ruby looked like it would run in parallel, except that the normal
> > interpreter doesn't do that. Go figure!
>
> Out of the box, Python is single threaded. To thread Python you will need to
> import "thread" (low level) or "threading" (higher level). ...or for multiple
> processes, "multiprocessing".
>
> Larry
>

You shouldn't rely on threading as it can cause problems and extra resources. If
anything it should be nice for vector instructions (SSE2, AVX, AVX2, AVX512) or
algorithm instructions (AES-NI, SHA1, SHA256, and others (I think I heard
something about vague x86 instructions that would help)). Although those are
only x86 there are similarities with other vector instructions. I really haven't
made up my mind with algorithm instructions as to weather they are good or bad.
It really depends on how long Intel/AMD will support them and speed. My guess is
that AVX512 is going to be faster than the SHA1 and SHA256 instructions. So the
attacker will use vector instructions instead of SHA1 and SHA256 instructions.

I heard from Daniel Selifonov that the AES-NI are actually faster than saving
the expanded key in memory. Anyone know if the AES-NI run in constant time?


Although I am talking about low level instructions I understand that these won't
be available to scripting languages. My hope is that they are eventually
compiled libraries that you can call. Since there's only a few things you can do
to help scripting languages.
Content of type "text/html" skipped

Powered by blists - more mailing lists