[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALCETrXhbZyzLALvBynvymv53WPoiFC5QKFAb4bFiW5ypnPuEA@mail.gmail.com>
Date: Tue, 11 Feb 2014 14:50:17 -0800
From: Andy Lutomirski <luto@...capital.net>
To: discussions <discussions@...sword-hashing.net>
Subject: Re: [PHC] Is bandwidth all that counts?
On Tue, Feb 11, 2014 at 2:47 PM, Bill Cox <waywardgeek@...il.com> wrote:
> Having submitted my NoelKDF with it's multiplication compute-time
> hardening, I am now wondering if the compute time we force an attacker
> to spend matters at all. An attacker will simply add password hashing
> cores, which are close to free, to his FPGA or ASIC, until his memory
> bandwidth is full. If I force him to spend a full second to write and
> then read 4GiB once (which I do), he'll just run 5 of my hashing cores
> in parallel on an FPGA and fill it's 40GiB/sec memory bandwidth, doing
> 5 guesses per second, so who cares that I forced him to spend as long
> as me computing the hash?
The attacker will need more memory, right? Interleaving between
different passwords increases bandwidth, but it proportionately
increases the amount of memory needed, I think.
--Andy
Powered by blists - more mailing lists