The Argon2 password hashing algorithm has a hardcoded maximum of 4 terabytes (tebibytes) for the amount of memory it can be configured to use. This seems like a terrible idea -- the limit (if any) should be much higher. Can Argon2 be easily extended to use more memory?
There are computers right now that have over 4 TB of RAM (granted, they are supercomputers) and that much RAM or more will likely become more accessible in the near future. (The addressable limit -- currently 8 TB for amd64 -- will also likely increase.) Furthermore, even if they don't become commonplace, an organization for whom security is very important might get a single expensive computer dedicated to password hashing, making attacking a hashed password very expensive for adversaries.
Repeating the Bill Gates mistake: N units [of memory] should be enough for everyone.