From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Miles Elam <mileselam+postgresql(at)gmail(dot)com> |
Cc: | pgsql-docs(at)postgresql(dot)org |
Subject: | Re: pgcrypto docs |
Date: | 2013-12-09 21:13:30 |
Message-ID: | 20131209211330.GB2119@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-docs |
On Wed, Dec 4, 2013 at 12:42:08PM -0500, Bruce Momjian wrote:
> On Tue, May 7, 2013 at 03:47:43PM -0700, Miles Elam wrote:
> > Personally I've found the relative times instructive, merely outdated. Perhaps
> > using md5 as a baseline and evaluating estimates relative to that baseline?
> >
> > md5 = 1
> > sha1 = 4
> > crypt-des = 7
> > crypt-md5 = 1,000
> > crypt-bf/5 = 12,500
> > crypt-bf/6 = 25,000
> > crypt-bf/7 = 50,000
> > crypt-bf/8 = 100,000
> >
> > This way, with the caveat that performance will vary from machine to machine,
> > there is a sense of the relative costs of using each algorithm, which does not
> > change as wildly with time. It lets people know how bad md5 and sha1 are for
> > protecting passwords et al. It also demonstrates that each turn of blowfish in
> > this module effectively doubles the time needed to crack and halves the number
> > of hashes one can perform.
> >
> > In short, I'd hate for the baby to be thrown out with the bathwater.
>
> I have used your new testing times, plus added these relative
> measurements, which shoud give us the best of both worlds. Patch
> attached; you can see the results here:
Patch applied. Thanks. I updated the patch to say Intel i3..
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +
From | Date | Subject | |
---|---|---|---|
Next Message | Bill Moran | 2013-12-10 11:37:42 | Re: PG replication across DataCenters |
Previous Message | Thomas Harold | 2013-12-09 16:39:20 | Re: PG replication across DataCenters (section 25 in the manual) |