Stronger Key Derivation Via Sequential Memory-Hard Functions
Date: May 2009
Publication: BSDCan 2009
Source 1: http://www.bsdcan.org/2009/schedule/attachments/87_scrypt.pdf
Source 2: http://www.tarsnap.com/scrypt/scrypt.pdf
We introduce the concepts of memory-hard algorithms and sequential memory-hard functions, and argue that in order for key derivation functions to be maximally secure against attacks using custom hardware, they should be constructed from sequential memory-hard functions. We present a family of key derivation functions which, under the random oracle model of cryptographic hash functions, are provably sequential memory-hard, and a variation which appears to be marginally stronger at the expense of lacking provable strength. Finally, we provide some estimates of the cost of performing brute force attacks on a variety of password strengths and key derivation functions.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.