lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 26 Mar 2015 10:44:17 -0700
From: "Jeremi M Gosney" <>
To: <>
Subject: RE: [PHC] Another PHC candidates "mechanical" tests (ROUND2)

> -----Original Message-----
> From: Marcos Simplicio
> Sent: Thursday, March 26, 2015 10:29
> Hum... That makes me think we need to include bcrypt in our GPU
> benchmarks and see what happens. I'm not a GPU specialist, but we do
> have a person working with the GPU implementations and the results shown
> in our report (Sec. 7.3, Figure 20) are that, in the best conditions
> from an attacker's perspective and for a memory usage of 2.3 MB, the
> GPU-based implementation was 4.5 times slower (in terms of throughput)
> than in the CPU.

Typically when attacking bcrypt, CPU is the preferred platform. Current high-end GPUs are roughly the same speed as older high-end CPUs with bcrypt, and are a fair amount slower than current high-end CPUs.

Using bcrypt with cost of 05 (as traditionally used for benchmarking):

R9 290X:     7 KH/s
GTX 980:     7.5 KH/s
Xeon X5670:  8 KH/s
i7-5960X:    14.5 KH/s

Powered by blists - more mailing lists