diff options
| author | Joey Hess <joeyh@joeyh.name> | 2016-08-30 14:42:06 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-08-30 14:42:06 -0400 |
| commit | c273ac0173c9b277b2ba08a086e3091ba32d4319 (patch) | |
| tree | 3cb1d60625b537f38e6194c1c80a8b119a9b0aaf /Tunables.hs | |
| parent | fe975ad122c77b4936f3e28c868b056fdaf2f842 (diff) | |
| download | keysafe-c273ac0173c9b277b2ba08a086e3091ba32d4319.tar.gz | |
Improve time estimates, taking into account the number of cores.
This only affects time estimates while keysafe is generating hashes;
it does not affect cost estimates to brute-force.
Diffstat (limited to 'Tunables.hs')
| -rw-r--r-- | Tunables.hs | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/Tunables.hs b/Tunables.hs index 8d95ad5..3356516 100644 --- a/Tunables.hs +++ b/Tunables.hs @@ -89,16 +89,16 @@ defaultTunables = Tunables -- The nameGenerationHash was benchmarked at 600 seconds -- on a 2 core Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz. , nameGenerationTunable = NameGenerationTunable - { nameGenerationHash = argon2 10000 (coreCost 2 (Seconds 600)) + { nameGenerationHash = argon2 10000 (coreCost 2 (Seconds 600) d) } , keyEncryptionKeyTunable = KeyEncryptionKeyTunable - { keyEncryptionKeyHash = argon2 2700 (CPUCost (Seconds 12)) + { keyEncryptionKeyHash = argon2 2700 (CPUCost (Seconds 12) d) , randomSaltBytes = 1 -- The keyEncryptionKeyHash is run 256 times per -- random salt byte to brute-force, and its parameters -- were chosen so the total brute forcing time is 50 minutes, -- on a 2 core Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz. - , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) + , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) d } , encryptionTunable = UseAES256 } @@ -106,9 +106,12 @@ defaultTunables = Tunables argon2 i c = UseArgon2 c $ Argon2.HashOptions { Argon2.hashIterations = i , Argon2.hashMemory = 131072 -- 128 mebibtyes per thread - , Argon2.hashParallelism = 4 -- 4 threads + , Argon2.hashParallelism = + let Divisibility n = d + in fromIntegral n , Argon2.hashVariant = Argon2.Argon2i } + d = Divisibility 4 -- argon2 uses 4 threads -- | Dials back hash difficulty, lies about costs. -- Not for production use! @@ -118,17 +121,18 @@ testModeTunables = Tunables , objectSize = 1024*32 , shareOverhead = 2 , nameGenerationTunable = NameGenerationTunable - { nameGenerationHash = weakargon2 (coreCost 2 (Seconds 600)) + { nameGenerationHash = weakargon2 (coreCost 2 (Seconds 600) d) } , keyEncryptionKeyTunable = KeyEncryptionKeyTunable - { keyEncryptionKeyHash = weakargon2 (CPUCost (Seconds 12)) + { keyEncryptionKeyHash = weakargon2 (CPUCost (Seconds 12) d) , randomSaltBytes = 1 - , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) + , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) d } , encryptionTunable = UseAES256 } where weakargon2 c = UseArgon2 c Argon2.defaultHashOptions + d = Divisibility 4 knownObjectSizes :: [Int] knownObjectSizes = map (calc . snd) knownTunings |