Sujet : Re: Byte Addressability And Beyond
De : gneuner2 (at) *nospam* comcast.net (George Neuner)
Groupes : comp.archDate : 04. Jun 2024, 22:42:43
Autres entêtes
Organisation : i2pn2 (i2pn.org)
Message-ID : <102v5jhjhuc049bf3tcu5ghfc4bbt3qkcf@4ax.com>
References : 1 2 3 4 5 6 7 8 9 10 11 12 13
User-Agent : ForteAgent/8.00.32.1272
On Tue, 4 Jun 2024 02:00:55 -0000 (UTC), Lawrence D'Oliveiro
<
ldo@nz.invalid> wrote:
On Mon, 3 Jun 2024 17:42:17 +0300, Michael S wrote:
>
On Mon, 03 Jun 2024 14:07:12 GMT scott@slp53.sl.home (Scott Lurndal)
wrote:
Most modern CPUs have instruction set support for symmetric ciphers
such as AES, SM2/SM3 as well as message digest/hash (SHA1, SHA256 et
al).
It is still not *too* fast.
'Too fast' in my book is when with 1B to 10B USD worth of OTP servers
you can break cipher by brute force in less than 1 hour.
>
The good algorithms are designed to be fast for encryption/decryption use,
while still being uselessly slow for cracking purposes.
>
Hash algorithms come in two flavours: cryptographic hashes (as mentioned
above) and password hashes. Cryptographic hashes have to be fast to
compute, but password hashes should take some appreciable fraction of a
second. This is fast enough to authenticate a user logging in, while
significantly slowing down password-guessing attacks.
>
For example, the WordPress password-hashing algorithm takes a
cryptographic hash like MD5 (considered crap nowadays), and iterates it
8000 times. And suddenly crap becomes good.
It's debatable whether repeated application of a given function really
represents a /different/ function.
In any event there is no such thing as a "password" hash - really
there only are cryptographic hashes. A use of a particular hash for
passwords may deliberately slow its execution - e.g., by iterating or
by deliberate delays - but the hash algorithm remains the same.
Re: Byte Addressability And Beyond
Re: Byte Addressability And Beyond