lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Jan 2014 00:37:06 +0000
From: Marsh Ray <maray@...rosoft.com>
To: "' (discussions@...sword-hashing.net)'" <discussions@...sword-hashing.net>
Subject: A must read...
It always bears repeating that the password-cracking attacker typically has many candidate guesses he can try in parallel, and usually has many hash values he wishes to target. How do you prevent him from hiding latencies in long pipelines? (longer than those that would be tolerable in defenders' branch-happy general purpose systems)
A must read for those who haven't seen it before:
Bernstein - Understanding Brute Force
http://cr.yp.to/snuffle/bruteforce-20050425.pdf
- Marsh
Content of type "text/html" skipped
Powered by blists - more mailing lists