diff options
author | Joey Hess <joeyh@joeyh.name> | 2016-08-07 11:44:23 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-08-07 11:44:23 -0400 |
commit | 016877aa55764d14af3c16645d64fd95bf6a2da1 (patch) | |
tree | c92c27e15317044af714e25ef16b6bca09a70a40 | |
parent | 2881564838b52658e4a2bf624b07ad5b54a0a42f (diff) | |
download | keysafe-016877aa55764d14af3c16645d64fd95bf6a2da1.tar.gz |
aws spot instance attack cost estimate
-rw-r--r-- | Cost.hs | 33 | ||||
-rw-r--r-- | Tunables.hs | 3 |
2 files changed, 34 insertions, 2 deletions
@@ -6,7 +6,10 @@ import Utility.HumanTime import Data.Monoid -- | An estimated cost to perform an operation. -data Cost op = CPUCost Seconds | GPUCost Seconds | CombinedCost (Cost op) (Cost op) +data Cost op + = CPUCost Seconds + | GPUCost Seconds + | CombinedCost (Cost op) (Cost op) deriving (Show) newtype Seconds = Seconds Integer @@ -80,5 +83,33 @@ bruteForceLinearSearch stepcost e = class Bruteforceable t a where getBruteCostCalc :: t -> CostCalc BruteForceOp a +-- | Estimate of cost of a brute force attack. estimateBruteforceOf :: Bruteforceable t a => t -> Entropy a -> Cost BruteForceOp estimateBruteforceOf t e = getBruteCostCalc t e + +-- | Estimate of cost of brute force attack using AWS Spot instances, +-- in US dollars. +-- +-- August 2016 spot pricing: 36 CPU core c4.8xlarge at 33c/hour +-- +-- Note that less GPU time is available on these instances; +-- there are not 36 GPU cores. But for simplicity we assume there are +-- that many GPU cores. So, this underestimates the price to brute +-- force such operations. +estimateAWSSpotAttack :: Cost BruteForceOp -> Dollars +estimateAWSSpotAttack opcost = centsToDollars $ costcents + where + (Seconds cpuseconds) = fst (totalCost opcost) + cpuyears = cpuseconds `div` (60*60*24*365) + cpucores = 36 + costpercpuyear = Cents (33*24*365 `div` cpucores) + costcents = Cents cpuyears * costpercpuyear + +newtype Cents = Cents Integer + deriving (Num, Integral, Enum, Real, Ord, Eq, Show) + +newtype Dollars = Dollars Integer + deriving (Num, Integral, Enum, Real, Ord, Eq, Show) + +centsToDollars :: Cents -> Dollars +centsToDollars (Cents c) = Dollars (c `div` 100) diff --git a/Tunables.hs b/Tunables.hs index 5c39a2d..f5832b4 100644 --- a/Tunables.hs +++ b/Tunables.hs @@ -23,7 +23,8 @@ defaultTunables = Tunables -- argon2 is GPU and ASIC resistent, so it uses CPU time. -- The above HashOptions were benchmarked at 661 seconds CPU time -- on a 2 core Intel(R) Core(TM) i5-4210Y CPU @ 1.50GHz. - , argonCost = CPUCost (Seconds 600) + -- Since cost is measured per core, we double that. + , argonCost = CPUCost (Seconds (2*600)) -- AES can be calculated more efficiently by a GPU, so this -- cost is a GPU cost. -- This is set to only 1 minute because GPUs are quite a lot |