Message-ID: <3f365d6614b146519a12e1fc07d653a6@BY2PR03MB074.namprd03.prod.outlook.com>
Date: Wed, 12 Feb 2014 21:48:38 +0000
From: Marsh Ray <maray@...rosoft.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
CC: "Bill Cox " <IMCEAMAILTO-waywardgeek+40gmail+2Ecom@...prd03.prod.outlook.com>
Subject: RE: [PHC] Is bandwidth all that counts?

From: Bill Cox [mailto:waywardgeek@...il.com]
> I did a bit of googling to see how cheaply I could build a 4GB DDR3 10GB/sec
> guessing unit. I think it can be done for around $100 with a cheap low-end
> GPU and 8GB of cheap DDR3 memory. DDR3 is running about $10/GB, and

Note that Intel Core i7-3820 runs about $300 retail and will do up to 51.2 GB/s.
So all-in, the performance of commodity hardware is very similar to that of
custom boards made with off-the-shelf chips.

> At that price, we'd have guessing hardware costs of about $100 per guess
> per second for NoelKDF guessing hardware, which isn't bad, but it's still 5X
> cheaper than my son's home-built Linux MineCraft server.

5x means the attacker with custom circuit of off-the-shelf chips gains an
advantage of only 2.3 bits of security over a defender with commodity hardware.
I think this is an excellent result for the password problem.

> I really do think memory bandwidth is where the metal meets the road and
> where we'll draw the line in the sand against brute force attacks.

I'm not sure we should completely give up on memory latency. It's the parameter
that has changed the least in DRAM systems in the last 30 years.

- Marsh