Re: pgcrypto docs

From Miles Elam
Subject Re: pgcrypto docs
Date
Msg-id CAPVvHdPkcmpFRwVz=tUWEdc0782nDjR1wSM8v-2Eojpw0+prvA@mail.gmail.com
In response to Re: pgcrypto docs  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: pgcrypto docs
List pgsql-docs
Personally I've found the relative times instructive, merely outdated.  Perhaps using md5 as a baseline and evaluating estimates relative to that baseline?

md5 = 1
sha1 = 4
crypt-des = 7
crypt-md5 = 1,000
crypt-bf/5 = 12,500
crypt-bf/6 = 25,000
crypt-bf/7 = 50,000
crypt-bf/8 = 100,000

This way, with the caveat that performance will vary from machine to machine, there is a sense of the relative costs of using each algorithm, which does not change as wildly with time.  It lets people know how bad md5 and sha1 are for protecting passwords et al.  It also demonstrates that each turn of blowfish in this module effectively doubles the time needed to crack and halves the number of hashes one can perform.

In short, I'd hate for the baby to be thrown out with the bathwater.


Cheers,

Miles Elam



On Tue, May 7, 2013 at 3:05 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Miles Elam <mileselam+postgresql@gmail.com> writes:
> Currently the docs show various stats on hashes per second and time needed
> to find a particular key.  Unfortunately since the times are based upon a
> Pentium 4 @1.5GHz, I worry that many would take the advice on that page at
> face value, e.g., "more than 100/sec is too much while less than 4/sec is
> too few," with a P4 in mind.

It seems like this table is guaranteed to be obsolete in a few years
no matter what.  Can we get rid of it entirely?

                        regards, tom lane
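
One way to regenerate the relative-cost figures discussed in this thread on your own server, with md5 as the baseline. This is an added example, not part of the original messages or the pgcrypto documentation; it assumes the pgcrypto extension can be installed, and the sample input and iteration counts are constructed.

```sql
-- Added example: relative cost of each hash on this server, md5 = 1.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

DO $$
DECLARE
    t    record;
    t0   timestamptz;
    per  double precision;  -- seconds per hash for the current row
    base double precision;  -- seconds per hash for md5 (the baseline)
BEGIN
    FOR t IN
        SELECT * FROM (VALUES
            -- (order, label, expression over series value g, iterations)
            -- Iteration counts are constructed; tune them for your hardware.
            (1, 'md5',        $e$md5('pw' || g::text)$e$,                      200000),
            (2, 'sha1',       $e$digest('pw' || g::text, 'sha1')$e$,           200000),
            (3, 'crypt-des',  $e$crypt('pw' || g::text, gen_salt('des'))$e$,   20000),
            (4, 'crypt-md5',  $e$crypt('pw' || g::text, gen_salt('md5'))$e$,   2000),
            (5, 'crypt-bf/5', $e$crypt('pw' || g::text, gen_salt('bf', 5))$e$, 200),
            (6, 'crypt-bf/6', $e$crypt('pw' || g::text, gen_salt('bf', 6))$e$, 100),
            (7, 'crypt-bf/7', $e$crypt('pw' || g::text, gen_salt('bf', 7))$e$, 50),
            (8, 'crypt-bf/8', $e$crypt('pw' || g::text, gen_salt('bf', 8))$e$, 50)
        ) AS v(ord, label, expr, iters)
        ORDER BY ord
    LOOP
        t0 := clock_timestamp();
        -- The input varies with g so immutable calls are not folded to a constant.
        EXECUTE format('SELECT count(%s) FROM generate_series(1, %s) AS g',
                       t.expr, t.iters);
        per := extract(epoch FROM clock_timestamp() - t0) / t.iters;
        IF t.ord = 1 THEN
            base := per;
        END IF;
        RAISE NOTICE '%: % hashes/sec, relative cost %',
            rpad(t.label, 10), round((1 / per)::numeric),
            round((per / base)::numeric, 1);
    END LOOP;
END
$$;
```

Each timing includes per-row overhead (series generation, string concatenation, salt generation), which is negligible for the crypt rows but inflates the md5 and sha1 figures somewhat, so the ratios understate the gap slightly.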
