Evaluate tobtu.com minimum password settings recommendations #331
Description
This guide enumerates the minimum settings required to slow attackers to <10 kH/s/GPU (using RTX 3080 or RX 6800 XT as reference GPUs) for various algorithms we implement:
https://tobtu.com/minimum-password-settings/
It might be a good idea to incorporate them into our documentation and/or use them to inform our recommendations/defaults.
Argon2
- Argon2{id,d}: m=44*1024 (44 MiB), t=1, p=1
- Argon2{id,d}: m=18*1024 (18 MiB), t=2, p=1
- Argon2: m=11*1024 (11 MiB), t=3, p=1
- Argon2: m=8*1024 (8 MiB), t=4, p=1
- Argon2: m=7*1024 (7 MiB), t=5, p=1
In general:
Argon2i: m≥89062.5/(3*t-1)*α, t≥3, p=1
Argon2{id,d}: m≥89062.5/(3*t-1)*α, t≥1, p=1
RTX 3080 12GB memory bandwidth: 89,062.5 = 912,000,000,000/10,000/1024
For low memory usage (≲64 MiB) α≈95%. Once memory usage is high enough α drops proportional to memory increase.
scrypt
- N=2^17 (128 MiB), r=8, p=1
- N=2^16 (64 MiB), r=8, p=2
- N=2^15 (32 MiB), r=8, p=3
- N=2^14 (16 MiB), r=8, p=5
- N=2^13 (8 MiB), r=8, p=9
In general:
scrypt: N≥570000/r/p*α, r=8, p≥1
RTX 3080 12GB memory bandwidth: 570,000 = 912,000,000,000/10,000/128/1.25
For low memory usage (≲64 MiB) α≈95%. Once memory usage is high enough α drops proportional to memory increase.
PBKDF2
- PBKDF2-HMAC-SHA512: 130,000 iterations (Based on RTX 3080 12GB)
- PBKDF2-HMAC-SHA256: 350,000 iterations (Based on RX 6800 XT)
- PBKDF2-HMAC-SHA1: 860,000 iterations (Based on RX 6800 XT)