[Cryptography] [cryptography] hashes based on lots of concatenated LUT lookups
John Kelsey
crypto.jmk at gmail.com
Wed Jul 16 16:48:02 EDT 2014
> On Jul 15, 2014, at 1:17 AM, "L. M. Goodman" <lmgoodman at hushmail.com> wrote:
...
> Fancy proof-of-work functions are a band-aid for a broken leg.
This is kind-of how I think about most of the clever new ways of building better password hashing functions. There's often a lot of cleverness involved in making a provably memory-bound function, or a function that's got other nice guarantees that make it unlikely to be sped up much by using a bunch of graphics processors on your machine or something. But ultimately, using passwords to derive cryptographic keys is such an ugly problem that even the best of these schemes are, as you said, a band-aid for a broken leg.
--John
More information about the cryptography
mailing list