| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Oct 2015 10:05:10 +0200 From: Krisztián Pintér <pinterkr@...il.com> To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net> Subject: Re: [PHC] An API for Efficiently Obtaining t_cost On Sun, Oct 11, 2015 at 10:52 PM, Taylor Hornby <taylor@....io> wrote: > I'm not sure if it's the PHC's job to standardize on an API for the > winning hash function, but I'm going to strongly argue that > implementations MUST to provide an API similar to the following: > > int PHS_find_t_cost( i was arguing against such an API for the following two reasons: 1, it is not the goal. all too often, we have other considerations how costly we want the KDF to be, not merely the machine's capabilities. examples include: * i except a huge authentication workload on a server, which is hard to emulate. * i plan to use the same password from other, low end clients. * i have highly variable workload and memory conditions. measurements are not representative. simply knowing the situation usually gives a better idea about how much memory and clock cycles you want to allocate. 2, it is easy to do in case you really want to do some benchmarks, do it yourself! if your aim is, say, 100ms, you can do a quick benchmark in approximately 2-300ms of time, maybe a second if you want to play with different memory settings as well. you need to do it once, so it does not seem to be problem. one can also collect performance data on a website. for different architectures, we need a 5x5 table of of typical memory and time settings.
Powered by blists - more mailing lists