Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Conversation

Notices

Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Wednesday, 12-Feb-2025 17:39:10 JST Ryan Castellucci :nonbinary_flag:
- Royce Williams
- Chick3nman
Yescrypt with a cost factor of 5 is actively painful on my Raspberry Pi Model B Rev 2, how much can I lower it?
cc @chick3nman @tychotithonus

In conversation about 4 months ago from infosec.exchange permalink
- Embed this notice
  Royce Williams (tychotithonus@infosec.exchange)'s status on Thursday, 13-Feb-2025 02:05:24 JST Royce Williams
  in reply to
  - Chick3nman
  @ryanc
  Hmm! I haven't spent much time attacking yescrypt yet, but since it's based on scrypt, it has other parameters to tweak.
  It looks like the spec minimum of 5 for n is implemented for common OS-level implementations?
  https://www.reddit.com/r/Passwords/comments/1cd58c3/
  I do not know if the r parameter can be reduced in the defaults (login.defs or whatever the equivalent is on your OS). If you can reduce r, you can drop speed further. In theory, you might be able to use mkpasswd to drop r manually and then paste that hash in?
  How many milliseconds is it taking for you on that platform?
  @chick3nman
  In conversation about 4 months ago permalink
  Attachments
  1. No result found on File_thumbnail lookup.
    
    tweak.it

Feeds