lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 12 Oct 2015 10:05:10 +0200
From: Krisztián Pintér <>
To: "" <>
Subject: Re: [PHC] An API for Efficiently Obtaining t_cost

On Sun, Oct 11, 2015 at 10:52 PM, Taylor Hornby <> wrote:
> I'm not sure if it's the PHC's job to standardize on an API for the
> winning hash function, but I'm going to strongly argue that
> implementations MUST to provide an API similar to the following:
> int PHS_find_t_cost(

i was arguing against such an API for the following two reasons:

1, it is not the goal. all too often, we have other considerations how
costly we want the KDF to be, not merely the machine's capabilities.
examples include:

* i except a huge authentication workload on a server, which is hard to emulate.
* i plan to use the same password from other, low end clients.
* i have highly variable workload and memory conditions. measurements
are not representative.

simply knowing the situation usually gives a better idea about how
much memory and clock cycles you want to allocate.

2, it is easy to do

in case you really want to do some benchmarks, do it yourself! if your
aim is, say, 100ms, you can do a quick benchmark in approximately
2-300ms of time, maybe a second if you want to play with different
memory settings as well. you need to do it once, so it does not seem
to be problem.

one can also collect performance data on a website. for different
architectures, we need a 5x5 table of of typical memory and time

Powered by blists - more mailing lists