CRYPTO NEWS

Relative bits of security of slower functions

Leaving memory-hardness assumptions aside, some slow hash functions are iterated salted hash-chain versions of regular cryptographic hashes. This is usually defined by a round parameter i.e., in PBKDF2. Is there any cryptography paper that addresses security-bits definition based on the factor of rounds of linear successive invocations (not parallel) for one output computation?

I.e., a concrete example: is breaking a pre-image of sha3(fresh_salt, input_value) easier than sha3(sha3(sha3(sha3(fresh_salt, input_value)))), and if yes does the latter offer 2-bits of extra security because the relative effort required by the attacker is 4 times more? Any research paper that discusses that (relative adversarial effort required between independent or linearly-dependent functions vs. pragmatic bits of offered security)?

Relative bits of security of slower functions

Shopping cart
There are no products in the cart!
Continue shopping
0