Deutsch English Français Italiano |
<v3lsgm$48om$11@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!2.eu.feeder.erje.net!3.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Lawrence D'Oliveiro <ldo@nz.invalid> Newsgroups: comp.arch Subject: Re: Byte Addressability And Beyond Date: Tue, 4 Jun 2024 02:00:55 -0000 (UTC) Organization: A noiseless patient Spider Lines: 25 Message-ID: <v3lsgm$48om$11@dont-email.me> References: <v0s17o$2okf4$2@dont-email.me> <v327n3$1use$1@gal.iecc.com> <BM25O.40665$HBac.4762@fx15.iad> <v32lpv$1u25$1@gal.iecc.com> <v33bqg$9cst$11@dont-email.me> <v34v62$ln01$1@dont-email.me> <v36bva$10k3v$2@dont-email.me> <2024May29.090435@mips.complang.tuwien.ac.at> <v38opv$1gsj2$3@dont-email.me> <v38rkd$1ha8a$1@dont-email.me> <jwvttifrysb.fsf-monnier+comp.arch@gnu.org> <f90b6e03c727b0f209d64484ec097298@www.novabbs.org> <v3jtd8$3qduu$2@dont-email.me> <20240603132227.00004e0f@yahoo.com> <k6k7O.8602$7jpd.5620@fx47.iad> <20240603174217.00005532@yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Injection-Date: Tue, 04 Jun 2024 04:00:55 +0200 (CEST) Injection-Info: dont-email.me; posting-host="d7d916175bb629e2353c22c0a9deb72e"; logging-data="140054"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+vzNihstsBbZcTAsS3Odxz" User-Agent: Pan/0.158 (Avdiivka; ) Cancel-Lock: sha1:McEAz+xYKu7Meg7Bd74grUb6fmQ= Bytes: 2620 On Mon, 3 Jun 2024 17:42:17 +0300, Michael S wrote: > On Mon, 03 Jun 2024 14:07:12 GMT scott@slp53.sl.home (Scott Lurndal) > wrote: > >> Most modern CPUs have instruction set support for symmetric ciphers >> such as AES, SM2/SM3 as well as message digest/hash (SHA1, SHA256 et >> al). >> > It is still not *too* fast. > 'Too fast' in my book is when with 1B to 10B USD worth of OTP servers > you can break cipher by brute force in less than 1 hour. The good algorithms are designed to be fast for encryption/decryption use, while still being uselessly slow for cracking purposes. Hash algorithms come in two flavours: cryptographic hashes (as mentioned above) and password hashes. Cryptographic hashes have to be fast to compute, but password hashes should take some appreciable fraction of a second. This is fast enough to authenticate a user logging in, while significantly slowing down password-guessing attacks. For example, the WordPress password-hashing algorithm takes a cryptographic hash like MD5 (considered crap nowadays), and iterates it 8000 times. And suddenly crap becomes good.