[Cryptography] Strict memory hard hash functions
Krisztián Pintér
pinterkr at gmail.com
Tue Dec 31 16:52:53 EST 2013
Sergio Lerner (at Tuesday, December 31, 2013, 9:35:23 PM):
> I've been playing with a property I named Strict memory hard hash
> functions. Strict memory hard functions are an extension of memory hard
> http://bitslog.files.wordpress.com/2013/12/memohash-v0-1.pdf
i have multiple excuses why i'm not addressing the core of your points
(one is that it is new year's eve, and i drank some champagne already,
second is i'm not perfectly a math guy).
but my question is: you are aware of the ongoing password hashing
competition www.password-hashing.net , aren't you?
i see one downside though. if i understand correctly, you need N^2
time if we want N memory blocks (blocks being a reasonable output size
of some PRF). it either limits us severely in memory use if we aim for
"regular" block sizes like 256 to 512 bits, or requires huge block
size. the latter approach seems to ease the problem to some degree.
can we consider like 65536 bit or higher block sizes? does that hurt
security? maybe we need to consider the internals of such a huge PRF?
More information about the cryptography
mailing list