disable decryption puzzle, at least for now

It only adds 1 minute GPU time to each crack attempt, on top of the 10
minutes CPU time needed to argon2 the password. Since my implementation of
the AES puzzle is currently really slow, this is not worth it.

Will revisit when I have a faster AES library to use, or a better puzzle.

1 files changed, 6 insertions, 7 deletions

diff --git a/Tunables.hs b/Tunables.hs
index 1ecccf6..0053668 100644
--- a/Tunables.hs
+++ b/Tunables.hs
@@ -69,12 +69,11 @@ defaultTunables = Tunables
 	, objectSize = 1024*64 -- 64 kb
 	, expensiveHashTunable = UseArgon2 argonoptions argoncost
 	, encryptionTunable = UseAES256
-	-- AES can be calculated more efficiently by a GPU, so the
-	-- cost is a GPU cost.
-	-- This is set to only 1 minute because GPUs are quite a lot
-	-- faster than CPUs at AES, and so setting it higher would make
-	-- clients too slow at key recovery.
-	, decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 60))
+	-- Setting this to eg, Seconds 60 only makes each password
+	-- guess 60 seconds longer on a GPU. But, on a CPU, keysafe
+	-- has to work for quite a long time to solve such a puzzle.
+	-- So, currently disabling the puzzle with Seconds 0.
+	, decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 0))
 	}
   where
 	argonoptions = Argon2.HashOptions
@@ -96,7 +95,7 @@ testModeTunables = Tunables
 	, objectSize = 1024*64
 	, expensiveHashTunable = UseArgon2 weakargonoptions argoncost
 	, encryptionTunable = UseAES256
-	, decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 1))
+	, decryptionPuzzleTunable = KeyBlindingLeftSide (GPUCost (Seconds 0))
 	}
   where
 	UseArgon2 argonoptions argoncost = expensiveHashTunable defaultTunables