1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
module Tunables where
import Types
import Cost
import qualified Crypto.Argon2 as Argon2
data Tunables = Tunables
{ objectSize :: Int
-- ^ size of objects stored in keysafe, in bytes
, argonOptions :: Argon2.HashOptions
, argonCost :: Cost CreationOp
-- ^ should correspond to the argonOptions
, decryptionPuzzleCost :: Cost DecryptionOp
-- ^ cost of decryption puzzle
}
defaultTunables :: Tunables
defaultTunables = Tunables
{ objectSize = 1024*64 -- 64 kb
, argonOptions = Argon2.HashOptions
{ Argon2.hashIterations = 10000
, Argon2.hashMemory = 131072 -- 128 mebibtyes per thread
, Argon2.hashParallelism = 4 -- 4 threads
, Argon2.hashVariant = Argon2.Argon2i
}
-- argon2 is GPU and ASIC resistent, so it uses CPU time.
-- The above HashOptions were benchmarked at 661 seconds CPU time
-- on a 2 core Intel(R) Core(TM) i5-4210Y CPU @ 1.50GHz.
-- Since cost is measured per core, we double that.
, argonCost = CPUCost (Seconds (2*600))
-- AES can be calculated more efficiently by a GPU, so this
-- cost is a GPU cost.
-- This is set to only 1 minute because GPUs are quite a lot
-- faster than CPUs at AES, and so setting it higher would make
-- clients too slow at key recovery.
, decryptionPuzzleCost = GPUCost (Seconds 60)
}
-- | Dials back cryptographic difficulty, not for production use.
testModeTunables :: Tunables
testModeTunables = Tunables
{ objectSize = 1024*64
, argonOptions = Argon2.defaultHashOptions
, argonCost = CPUCost (Seconds (2*600))
, decryptionPuzzleCost = GPUCost (Seconds 60)
}
|