lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 26 Mar 2015 06:55:14 -0700
From: Bill Cox <>
To: "" <>
Subject: Re: [PHC] Another PHC candidates "mechanical" tests (ROUND2)

On Thu, Mar 26, 2015 at 6:33 AM, Bill Cox <> wrote:

> On Thu, Mar 26, 2015 at 2:00 AM, Solar Designer <>
> wrote:
>> The 10x is a huge exaggeration.  I won't believe you when you say you
>> measured this on a currently typical machine unless and until you show
>> specific numbers confirming it.  There must have been an error or
>> something special about your measurements.
> 10X is exaggerated, but not by much.  Results from my laptop this morning
> say that my "worker' threads are slowed down by up to 4.97X when TwoCats is
> running.  I was off by a factor of 2X :-)

The impact I'm seeing is that L3-bound SSE optimize memory-hard hashing
does not work and play well with other L3 intensive tasks on the same
server.  It is literally faster to run Scrypt, then run another task, than
to run the two in parallel, even when both tasks are single-threaded.

This means there is money to be saved by running authentication servers
that offload memory-hard hashing from other servers.  I would think this
would be good for your use case :-)

Content of type "text/html" skipped

Powered by blists - more mailing lists