Argon2

Argon2 is a key derivation function that was selected as the winner of the Password Hashing Competition in July 2015.^[1]^[2] It was designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from University of Luxembourg.^[3] Argon2 is released under a Creative Commons CC0 license, and provides two related versions:

Argon2d maximizes resistance to GPU cracking attacks.
Argon2i is optimized to resist side-channel attacks.

Both allow specification by three parameters that control:

execution time
memory required
degree of parallelism

Cryptanalysis

While there is no public cryptanalysis applicable to Argon2d, there are two published attacks on the Argon2i function.

The first attack shows that it is possible to compute a single-pass Argon2i function using between a quarter and a fifth of the desired space with no time penalty, and compute a multiple-pass Argon2i using only $N$ / $e$ < $N$ /2.71 space with no time penalty.^[4]

The second attack shows that Argon2i can be computed by an algorithm which has complexity O( $n$ ^7/4 log( $n$ )) for all choices of parameters $σ$ (space cost), $τ$ (time cost), and thread-count such that $n$ = $σ$ ∗ $τ$ .^[5]

External links

Argon2 source code repository on Github

References

↑ "Password Hashing Competition"
↑ Jos Wetzels (2016-02-08). "Open Sesame: The Password Hashing Competition and Argon2" (PDF).
↑ Argon2: the memory-hard function for password hashing and other applications, Alex Biryukov, et al, October 1, 2015
↑ Henry Corrigan-Gibbs, Dan Boneh, Stuart Schechter (2016-01-14). "Balloon Hashing: Provably Space-Hard Hash Functions with Data-Independent Access Patterns" (PDF).
↑ Joel Alwen, Jeremiah Blocki (2016-02-19). "Efficiently Computing Data-Independent Memory-Hard Functions" (PDF).

This article is issued from Wikipedia - version of the Thursday, February 25, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.