lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 5 Jan 2014 09:20:11 -0500
From: Bill Cox <>
Subject: Re: Initial hashing function. Feedback welcome

After getting some really great feedback, I've enhanced noelkdf in various
ways.  The most significant is that it now supports a "parallelism"
parameter.  When set low, it hurts GPU attacks by reducing the amount that
can be done in parallel.  When set high, it enables the user to efficiently
use his GPU to compute the hash if he likes (when I get around to writing
the GPU version).  I also support extending the rounds of memory-hard
hashing after the fact, so server admins can add some protection to old
hashed passwords if they like.  The number of threads, "page" size, and
number of initial SHA256 rounds are all parameters now.

For reasons I don't understand, it now runs even faster!  With 3 threads,
and parallelism set to 64, hashing 2GB on my Core i7 box now takes only
0.26 seconds.  On my work's AMD FX 8 processor, it now takes .45 seconds
with 8 threads.

Content of type "text/html" skipped

Powered by blists - more mailing lists