Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 23 Nov 2012 10:03:33 +0400
From: Solar Designer <>
Subject: Re: ROM or memory port hardness

On Tue, Oct 16, 2012 at 12:15:51AM +0200, Simon Josefsson wrote:
> I like the idea -- essentially the multi-GB data act as a large
> site-wide salt that is derived from a smaller parameter set.  My
> perception of scrypt is that it is well suitable for offline situations
> where you typically have GB's of memory available (e.g., disk encryption
> at boot) but not well optimized for online user authentication.

Yes, and in the context of dedicated authentication servers we also have
gigabytes of memory available - we just need to use it, which regular
scrypt could not do at the desired throughput and maximum latency.

I spoke on this topic at ZeroNights conference in Moscow on Nov 19-20.
Here are the slides:


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.