pgcrypto docs

Currently the docs show various stats on hashes per second and time needed
to find a particular key. Unfortunately since the times are based upon a
Pentium 4 @1.5GHz, I worry that many would take the advice on that page at
face value, e.g., "more than 100/sec is too much while less than 4/sec is
too few," with a P4 in mind.

Using a first-generation Core i5 processor as a baseline, we're looking
roughly at about a 64x increase in processing power, not including any
dedicated crypto processing in hardware like their AES extensions.

The new table, simplistically adjusted by 64x is as follows.

Algorithm Hashes/sec For [a-z] For [A-Za-z0-9]
--------------------------------------------
crypt-bf/8 1792 4 years 3927 years
crypt-bf/7 3648 2 years 1929 years
crypt-bf/6 7168 1 year 982 years
crypt-bf/5 13504 188 days 521 years
crypt-md5 171584 15 days 41 years
crypt-des 23221568 157.5 minutes 108 days
sha1 37774272 90 minutes 68 days
md5 150085504 22.5 minutes 17 days
--------------------------------------------

Perhaps with a more up to date dataset, users would be far less likely to
use far more turns of blowfish and be far more (read: appropriately) averse
to using schemes like md5. After all, who wants to use a hash that can be
cracked on 2-year old mainstream consumer processors in less than half an
hour, let alone dedicated hardware with real money behind it.

Unfortunately I only have laptops, no desktops these days. (A sign of the
times?) So while I could re-run these benchmarks on a mobile i3, I don't
know if that is what is appropriate for this data table.

Anyway, food for thought.

Cheers,

Miles Elam