Date: Fri, 23 Nov 2012 10:03:33 +0400 From: Solar Designer <solar@...nwall.com> To: crypt-dev@...ts.openwall.com Subject: Re: ROM or memory port hardness On Tue, Oct 16, 2012 at 12:15:51AM +0200, Simon Josefsson wrote: > I like the idea -- essentially the multi-GB data act as a large > site-wide salt that is derived from a smaller parameter set. My > perception of scrypt is that it is well suitable for offline situations > where you typically have GB's of memory available (e.g., disk encryption > at boot) but not well optimized for online user authentication. Yes, and in the context of dedicated authentication servers we also have gigabytes of memory available - we just need to use it, which regular scrypt could not do at the desired throughput and maximum latency. I spoke on this topic at ZeroNights conference in Moscow on Nov 19-20. Here are the slides: http://www.openwall.com/presentations/ZeroNights2012-New-In-Password-Hashing/ Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.