Changes between Version 6 and Version 7 of OneHundredYearCryptography


Ignore:
Timestamp:
2010-08-10T16:44:23Z (11 years ago)
Author:
zooko
Comment:

add parameters

Legend:

Unmodified
Added
Removed
Modified
  • OneHundredYearCryptography

    v6 v7  
    3030 * http://tahoe-lafs.org/pipermail/tahoe-dev/2010-July/004587.html
    3131
    32 Brian and David-Sarah wrote [wiki:OneHundredYearCryptography/hashbasedsig.py a simulator] or two to explore performance trade-offs in hash-based signature parameters. The output of one run is this:
     32Brian and David-Sarah wrote [wiki:OneHundredYearCryptography/hashbasedsig.py a simulator] or two to explore performance trade-offs in hash-based signature parameters. The output of one run with the following parameters is this:
     33{{{
     34# range of hash output lengths
     35range_L_hash = [128]
     36
     37lg_M = 53                   # lg(required number of signatures before losing security)
     38
     39limit_bytes = 480000        # limit on signature length
     40limit_cost = 500            # limit on Mcycles_Sig + weight_ver*Mcycles_ver
     41weight_ver = 1              # how important verification cost is relative to signature cost
     42                            # (note: setting this too high will just exclude useful candidates)
     43
     44L_block = 512               # bitlength of hash input blocks
     45L_pad   = 64                # bitlength of hash padding overhead (for M-D hashes)
     46L_label = 80                # bitlength of hash position label
     47L_prf   = 256               # bitlength of hash output when used as a PRF
     48cycles_per_byte = 15.8      # cost of hash
     49}}}
    3350{{{
    3451  w   A   h    T    lg_N   L_GMSS (bytes)   c_S_mean (Mcycles)  c_S_worst (Mcycles)   score