Subject: Re: Byte Addressability And Beyond
From: ldo (at) *nospam* nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.arch
Date: 04. Jun 2024, 03:00:55
Organization: A noiseless patient Spider
Message-ID: <v3lsgm$48om$11@dont-email.me>
User-Agent: Pan/0.158 (Avdiivka; )
On Mon, 3 Jun 2024 17:42:17 +0300, Michael S wrote:
On Mon, 03 Jun 2024 14:07:12 GMT scott@slp53.sl.home (Scott Lurndal)
wrote:
Most modern CPUs have instruction set support for symmetric ciphers
such as AES, SM2/SM3 as well as message digest/hash (SHA1, SHA256 et
al).
It is still not *too* fast.
'Too fast' in my book is when with 1B to 10B USD worth of OTP servers
you can break cipher by brute force in less than 1 hour.
The good algorithms are designed to be fast for encryption/decryption use,
while still being uselessly slow for cracking purposes.
Hash algorithms come in two flavours: cryptographic hashes (as mentioned
above) and password hashes. Cryptographic hashes have to be fast to
compute, but password hashes should take some appreciable fraction of a
second. This is fast enough to authenticate a user logging in, while
significantly slowing down password-guessing attacks.
For example, the WordPress password-hashing algorithm takes a
cryptographic hash like MD5 (considered crap nowadays), and iterates it
8000 times. And suddenly crap becomes good.
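The "iterate a fast hash until it becomes slow" idea from the post, as an added worked example that is not part of the thread and was not written by any of its participants. It is loosely modelled on the iterated-MD5 scheme described above; it is not the actual WordPress/phpass code, and the names `stretched_hash`, `make_record`, `verify`, `guesses_per_second` and `slowdown_factor`, as well as the fixed salt used for timing, are constructed for this illustration. The point it makes concrete is the one in the post: a login check still finishes in a fraction of a second, while the number of candidate passwords an attacker can test per second on the same hardware drops by roughly the iteration count.

```python
import hashlib
import hmac
import os
import time


def stretched_hash(password: bytes, salt: bytes, iterations: int,
                   algo: str = "md5") -> bytes:
    """Iterate a fast hash so that each password guess costs `iterations`
    hash evaluations. Hypothetical scheme, loosely modelled on the
    iterated-MD5 construction the post describes (not phpass itself)."""
    if iterations < 1:
        raise ValueError("iterations must be >= 1")
    digest = hashlib.new(algo, salt + password).digest()
    for _ in range(iterations - 1):
        # Feed the password back in every round so the chain cannot be
        # resumed from a stored intermediate digest without the password.
        digest = hashlib.new(algo, digest + password).digest()
    return digest


def make_record(password: bytes, iterations: int, algo: str = "md5") -> dict:
    """Create a stored credential: per-user random salt plus parameters,
    so the verifier can recompute the hash and costs can be raised later."""
    salt = os.urandom(16)
    return {
        "algo": algo,
        "iterations": iterations,
        "salt": salt,
        "hash": stretched_hash(password, salt, iterations, algo),
    }


def verify(password: bytes, record: dict) -> bool:
    """Recompute with the stored salt/iterations and compare in constant time."""
    candidate = stretched_hash(password, record["salt"],
                               record["iterations"], record["algo"])
    return hmac.compare_digest(candidate, record["hash"])


def guesses_per_second(iterations: int, samples: int = 200,
                       algo: str = "md5") -> float:
    """Measure how many candidate passwords one core can check per second
    against a record with the given iteration count (constructed salt)."""
    salt = b"constructed-salt"
    start = time.perf_counter()
    for i in range(samples):
        stretched_hash(b"guess%d" % i, salt, iterations, algo)
    elapsed = max(time.perf_counter() - start, 1e-9)
    return samples / elapsed


def slowdown_factor(fast_iters: int, slow_iters: int) -> float:
    """How many times fewer guesses per second the slow setting allows."""
    return guesses_per_second(fast_iters) / guesses_per_second(slow_iters)


if __name__ == "__main__":
    rec = make_record(b"correct horse", 8000)
    print("login ok:", verify(b"correct horse", rec),
          "| wrong password:", verify(b"wrong", rec))
    for n in (1, 8000):
        print(f"{n:5d} iterations: ~{guesses_per_second(n):,.0f} guesses/s")
    print(f"8000 rounds slow an attacker by ~{slowdown_factor(1, 8000):,.0f}x")
```

Running the script prints roughly a four-orders-of-magnitude gap between one round and 8000 rounds on the same machine; the single legitimate verification still completes in a few milliseconds, which is the asymmetry the post is describing.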