diff options
| author | Joey Hess <joeyh@joeyh.name> | 2016-08-30 14:12:22 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-08-30 14:12:25 -0400 |
| commit | fe975ad122c77b4936f3e28c868b056fdaf2f842 (patch) | |
| tree | 3b1816d9820720c87acc3d08adcff798f53381ca /Tunables.hs | |
| parent | 62a97cabd895001d4dc552823633aabe53d54358 (diff) | |
| download | keysafe-fe975ad122c77b4936f3e28c868b056fdaf2f842.tar.gz | |
Tuned argon2 hash parameters on better hardware than my fanless laptop.
Used a Purism Librem 13. The name generation hash was already ok,
but the key encryption key hash was quite off.
This is not a total blazing top of the line server, but that's ok;
keysafe's hashes are intended to be tuned for commodity hardware.
It should not take a user more than an hour to restore a key.
The spotAWS value is adjusted because AWS's c4.8xlarge instances run at
up to 3.5Ghz, compared with the 2.20Ghz of the Librem 13. Basically
it's one Moore's doubling ahead of the reference laptop.
Diffstat (limited to 'Tunables.hs')
| -rw-r--r-- | Tunables.hs | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/Tunables.hs b/Tunables.hs index 07b4c61..8d95ad5 100644 --- a/Tunables.hs +++ b/Tunables.hs @@ -86,21 +86,19 @@ defaultTunables = Tunables { shareParams = ShareParams { totalObjects = 3, neededObjects = 2 } , objectSize = 1024*32 -- 32 kb , shareOverhead = 2 - -- The nameGenerationHash was benchmarked at 661 seconds CPU time - -- on a 2 core Intel(R) Core(TM) i5-4210Y CPU @ 1.50GHz. - -- Since cost is measured per core, we double that. + -- The nameGenerationHash was benchmarked at 600 seconds + -- on a 2 core Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz. , nameGenerationTunable = NameGenerationTunable - { nameGenerationHash = argon2 10000 (CPUCost (Seconds (2*600))) + { nameGenerationHash = argon2 10000 (coreCost 2 (Seconds 600)) } , keyEncryptionKeyTunable = KeyEncryptionKeyTunable - { keyEncryptionKeyHash = argon2 115 (CPUCost (Seconds 0)) + { keyEncryptionKeyHash = argon2 2700 (CPUCost (Seconds 12)) , randomSaltBytes = 1 -- The keyEncryptionKeyHash is run 256 times per -- random salt byte to brute-force, and its parameters -- were chosen so the total brute forcing time is 50 minutes, - -- on a 2 core Intel(R) Core(TM) i5-4210Y CPU @ 1.50GHz. - -- Since cost is measured per core, we double that. - , randomSaltBytesBruteForceCost = CPUCost (Seconds (2*50*60)) + -- on a 2 core Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz. + , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) } , encryptionTunable = UseAES256 } @@ -120,12 +118,12 @@ testModeTunables = Tunables , objectSize = 1024*32 , shareOverhead = 2 , nameGenerationTunable = NameGenerationTunable - { nameGenerationHash = weakargon2 (CPUCost (Seconds (2*600))) + { nameGenerationHash = weakargon2 (coreCost 2 (Seconds 600)) } , keyEncryptionKeyTunable = KeyEncryptionKeyTunable - { keyEncryptionKeyHash = weakargon2 (CPUCost (Seconds 0)) + { keyEncryptionKeyHash = weakargon2 (CPUCost (Seconds 12)) , randomSaltBytes = 1 - , randomSaltBytesBruteForceCost = CPUCost (Seconds (2*50*60)) + , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) } , encryptionTunable = UseAES256 } |