From c273ac0173c9b277b2ba08a086e3091ba32d4319 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 30 Aug 2016 14:42:06 -0400 Subject: Improve time estimates, taking into account the number of cores. This only affects time estimates while keysafe is generating hashes; it does not affect cost estimates to brute-force. --- Tunables.hs | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'Tunables.hs') diff --git a/Tunables.hs b/Tunables.hs index 8d95ad5..3356516 100644 --- a/Tunables.hs +++ b/Tunables.hs @@ -89,16 +89,16 @@ defaultTunables = Tunables -- The nameGenerationHash was benchmarked at 600 seconds -- on a 2 core Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz. , nameGenerationTunable = NameGenerationTunable - { nameGenerationHash = argon2 10000 (coreCost 2 (Seconds 600)) + { nameGenerationHash = argon2 10000 (coreCost 2 (Seconds 600) d) } , keyEncryptionKeyTunable = KeyEncryptionKeyTunable - { keyEncryptionKeyHash = argon2 2700 (CPUCost (Seconds 12)) + { keyEncryptionKeyHash = argon2 2700 (CPUCost (Seconds 12) d) , randomSaltBytes = 1 -- The keyEncryptionKeyHash is run 256 times per -- random salt byte to brute-force, and its parameters -- were chosen so the total brute forcing time is 50 minutes, -- on a 2 core Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz. - , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) + , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) d } , encryptionTunable = UseAES256 } @@ -106,9 +106,12 @@ defaultTunables = Tunables argon2 i c = UseArgon2 c $ Argon2.HashOptions { Argon2.hashIterations = i , Argon2.hashMemory = 131072 -- 128 mebibtyes per thread - , Argon2.hashParallelism = 4 -- 4 threads + , Argon2.hashParallelism = + let Divisibility n = d + in fromIntegral n , Argon2.hashVariant = Argon2.Argon2i } + d = Divisibility 4 -- argon2 uses 4 threads -- | Dials back hash difficulty, lies about costs. -- Not for production use! @@ -118,17 +121,18 @@ testModeTunables = Tunables , objectSize = 1024*32 , shareOverhead = 2 , nameGenerationTunable = NameGenerationTunable - { nameGenerationHash = weakargon2 (coreCost 2 (Seconds 600)) + { nameGenerationHash = weakargon2 (coreCost 2 (Seconds 600) d) } , keyEncryptionKeyTunable = KeyEncryptionKeyTunable - { keyEncryptionKeyHash = weakargon2 (CPUCost (Seconds 12)) + { keyEncryptionKeyHash = weakargon2 (CPUCost (Seconds 12) d) , randomSaltBytes = 1 - , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) + , randomSaltBytesBruteForceCost = coreCost 2 (Seconds (50*60)) d } , encryptionTunable = UseAES256 } where weakargon2 c = UseArgon2 c Argon2.defaultHashOptions + d = Divisibility 4 knownObjectSizes :: [Int] knownObjectSizes = map (calc . snd) knownTunings -- cgit v1.2.3