lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 3 Apr 2014 01:13:47 -0400
From: Bill Cox <>
Subject: Re: [PHC] Deliberately GPU-friendly password hashes?

On Thu, Apr 3, 2014 at 12:38 AM, Daniel Franke <> wrote:
> I think I've at least glanced at all 24 entries now and it doesn't look
> like there are any which are intended to be friendly to defensive GPU
> use. I think this is an unfortunate omission.

I think using modern GPUs to strengthen passwords on an authentication
server is an outstanding idea.  I originally planned to support GPU
strengthening, with parallelism as a 32-bit int that could enable GPUs
to run thousands of parallel threads.  I realized that my lack of GPU
experience would more than likely cause me to mess up this feature, so
I dropped it.

As a fallback, you can use pepper on GPUs to strengthen passwords for
most PHS's.  Just run one of the winning entries on many threads with
parameters that allow the GPU to tear it up.  I think I've got enough
knobs in the "extended" interface of TwoCats to do this well, but
again, not understanding GPUs very well, this is just speculation.

I'd bet Alexander made sure to have yescript settings that enable good
GPU defense.

One more thought.  Even most smartphones have GPUs of some sort now
days.  I think we should be running our PHS's on them in defensive


Powered by blists - more mailing lists