Taking obese scrypt a step further Besides using an SSD to load our ROM content into RAM, we can keep a larger ROM on SSD - and use it from there This may be achieved with mmap() and making less frequent, larger block size accesses May want to prefetch data on a previous loop iteration, to avoid stalling computation Consider: madvise(), aio_read(), helper thread If there's no seed value stored on the server, the intruder will have to copy and likely distribute the SSD ROM content to attack nodes Multiple SSDs and potentially even a NAS/SAN based on SSDs may be used to make the ROM even larger Compared to blind hashing (refer to our ZeroNights 2012 slides) with database size similar to our SSD ROM's, this may be more practical and it has more obvious properties