forum.opennet.ru

Составление сообщения

Исходное сообщение

"В Fedora 35 намечен переход на yescrypt для хэширования паро..."
Отправлено Stax, 09-Июн-21 18:04

Новость не читай, по ссылкам не ходи, комментарий пиши???
Там же есть сравнение.
yescrypt has a dependency not only on RAM and maybe ROM, but also on fast on-die local memory (such as a CPU's L1 or L2 cache), which provides bcrypt-like anti-GPU properties even at very low per-hash RAM sizes (where scrypt and Argon2 are more likely to lose to bcrypt in terms of GPU attack speed) and even without ROM
yescrypt and scrypt currently have little low-level parallelism within processing of a block (yescrypt allows for tuning this later, scrypt does not), whereas Argon2 has a fixed and currently commonly excessive amount of such parallelism, which may be extracted to speed up e.g. GPU attacks through use of more computing resources per the same total memory size due to each hash computation's memory needs being split between 32 threads (yescrypt currently has four 16-byte lanes that can be processed in parallel within a 64-byte sub-block before running into a data dependency for the next sub-block, whereas Argon2 allows for parallel processing of eight 128-byte chunks within a 1 KiB block with only two synchronization points for the entire block, as well as of four 32-byte parts of the 128-byte chunks with only two more synchronization points for the entire 1 KiB block)
yescrypt uses computation latency hardening based on integer multiplication and local memory access speed, which ties its per-hash RAMs up for a guaranteed minimum amount of time regardless of possibly much higher memory bandwidth on the attacker's hardware, whereas Argon2 uses only the multiplications and performs 6 times fewer of those sequentially (96 sequential multiplications per 1 KiB for yescrypt vs. 16 per 1 KiB for Argon2, providing correspondingly different minimum time guarantees) and scrypt does not use this technique at all (but is no worse than Argon2 in this respect anyway due to having less low-level parallelism)
(ye)scrypt's cryptographic security is provided by SHA-256, HMAC, and PBKDF2, which are NIST-approved and time-tested (the rest of yescrypt's processing, while most crucial for its offline attack resistance properties, provably does not affect its basic cryptographic hash properties), whereas Argon2 relies on the newer BLAKE2 (either choice is just fine for security, but use of approved algorithms may sometimes be required for compliance)

Исходное сообщение
"В Fedora 35 намечен переход на yescrypt для хэширования паро..." Отправлено Stax, 09-Июн-21 18:04
Новость не читай, по ссылкам не ходи, комментарий пиши??? Там же есть сравнение. yescrypt has a dependency not only on RAM and maybe ROM, but also on fast on-die local memory (such as a CPU's L1 or L2 cache), which provides bcrypt-like anti-GPU properties even at very low per-hash RAM sizes (where scrypt and Argon2 are more likely to lose to bcrypt in terms of GPU attack speed) and even without ROM yescrypt and scrypt currently have little low-level parallelism within processing of a block (yescrypt allows for tuning this later, scrypt does not), whereas Argon2 has a fixed and currently commonly excessive amount of such parallelism, which may be extracted to speed up e.g. GPU attacks through use of more computing resources per the same total memory size due to each hash computation's memory needs being split between 32 threads (yescrypt currently has four 16-byte lanes that can be processed in parallel within a 64-byte sub-block before running into a data dependency for the next sub-block, whereas Argon2 allows for parallel processing of eight 128-byte chunks within a 1 KiB block with only two synchronization points for the entire block, as well as of four 32-byte parts of the 128-byte chunks with only two more synchronization points for the entire 1 KiB block) yescrypt uses computation latency hardening based on integer multiplication and local memory access speed, which ties its per-hash RAMs up for a guaranteed minimum amount of time regardless of possibly much higher memory bandwidth on the attacker's hardware, whereas Argon2 uses only the multiplications and performs 6 times fewer of those sequentially (96 sequential multiplications per 1 KiB for yescrypt vs. 16 per 1 KiB for Argon2, providing correspondingly different minimum time guarantees) and scrypt does not use this technique at all (but is no worse than Argon2 in this respect anyway due to having less low-level parallelism) (ye)scrypt's cryptographic security is provided by SHA-256, HMAC, and PBKDF2, which are NIST-approved and time-tested (the rest of yescrypt's processing, while most crucial for its offline attack resistance properties, provably does not affect its basic cryptographic hash properties), whereas Argon2 relies on the newer BLAKE2 (either choice is just fine for security, but use of approved algorithms may sometimes be required for compliance)

Ваше сообщение
Имя*:
EMail:	Для отправки ответов на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email). Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:
	Введите код, изображенный на картинке:

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру