Re: pgcrypto docs - Bruce Momjian

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Bruce Momjian <[email protected]>
To: Miles Elam <[email protected]>
Cc: [email protected]
Subject: Re: pgcrypto docs
Date: Mon, 9 Dec 2013 16:13:30 -0500
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <CAPVvHdPj5rmf294FbWi2TuEy=hSxZMNjTURESaM5zY8P_wCJMg@mail.gmail.com>
	<[email protected]>
	<CAPVvHdPkcmpFRwVz=tUWEdc0782nDjR1wSM8v-2Eojpw0+prvA@mail.gmail.com>
	<[email protected]>
List-Unsubscribe: <mailto:[email protected]?body=unsub%20pgsql-docs>

On Wed, Dec  4, 2013 at 12:42:08PM -0500, Bruce Momjian wrote:
> On Tue, May  7, 2013 at 03:47:43PM -0700, Miles Elam wrote:
> > Personally I've found the relative times instructive, merely outdated.  Perhaps
> > using md5 as a baseline and evaluating estimates relative to that baseline?
> > 
> > md5 = 1
> > sha1 = 4
> > crypt-des = 7
> > crypt-md5 = 1,000
> > crypt-bf/5 = 12,500
> > crypt-bf/6 = 25,000
> > crypt-bf/7 = 50,000
> > crypt-bf/8 = 100,000
> > 
> > This way, with the caveat that performance will vary from machine to machine,
> > there is a sense of the relative costs of using each algorithm, which does not
> > change as wildly with time.  It lets people know how bad md5 and sha1 are for
> > protecting passwords et al.  It also demonstrates that each turn of blowfish in
> > this module effectively doubles the time needed to crack and halves the number
> > of hashes one can perform.
> > 
> > In short, I'd hate for the baby to be thrown out with the bathwater.
> 
> I have used your new testing times, plus added these relative
> measurements, which shoud give us the best of both worlds.  Patch
> attached; you can see the results here:


Patch applied.  Thanks.  I updated the patch to say Intel i3..

-- 
  Bruce Momjian  <[email protected]>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + Everyone has their own god. +


-- 
Sent via pgsql-docs mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-docs

view thread (5+ messages)

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected]
  Subject: Re: pgcrypto docs
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox