Re: Time Invariant String Comparison

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Time Invariant String Comparison
From: William Ahern <william@...>
Date: Sun, 19 Jan 2014 14:05:28 -0800

On Sun, Jan 19, 2014 at 02:21:12PM -0430, Andres Perera wrote:
> On Thu, Jan 16, 2014 at 4:42 PM, William Ahern
<snip>
> > Cryptographic security depends on exponential cost differences. Key
> > stretching solutions like bcrypt and PBKDF2 add linear costs. Their security
> > is, therefore, mostly hype, IMNSHO.
> 
> this is a mathematically rediculous statement
> 
> if the increment to, eg, bcrypt number of rounds, entails linear cost,
> it can be adjusted to match exponential
> 
> n = 16777216 = 2 ^ 24
> 
> if the iterator for *anything* entails linear growth, it can be
> adjusted to match exponential
> 

I'm not going to bother responding to this because I'm an optimistic person,
and I believe that someday, after further reflection, you'll understand the
problems with your reply, and with your initial grasp of what I was trying
to say. I think it's self-evident without anybody having to spell it out.

Follow-Ups:
- Re: Time Invariant String Comparison, Andres Perera

References:
- Time Invariant String Comparison, Jason A. Donenfeld
- Re: Time Invariant String Comparison, Daniel Silverstone
- Re: Time Invariant String Comparison, Elias Barrionovo
- Re: Time Invariant String Comparison, Paige DePol
- Re: Time Invariant String Comparison, Oliver Kroth
- Re: Time Invariant String Comparison, Coda Highland
- Re: Time Invariant String Comparison, Pierre Chapuis
- Re: Time Invariant String Comparison, William Ahern
- Re: Time Invariant String Comparison, Andres Perera

Prev by Date: Re: Lpeg query
Next by Date: Re: Time Invariant String Comparison
Previous by thread: Re: Time Invariant String Comparison
Next by thread: Re: Time Invariant String Comparison
Index(es):
- Date
- Thread