Content deleted Content added
m →Memory hard measure: remove uncessary yet another and fix passive voice |
Added a source for " iMHFs are mathematically proven to have weaker memory hardness properties than dMHFs". I did not originally write this sentence, but I noticed there was no citation, and since I was already studying this topic, I provided a citation. |
||
Line 18:
MHFs can be categorized into two different groups based on their evaluation patterns: data-dependent Memory-Hard Functions (dMHF) and data-independent Memory-Hard Functions (iMHF). dMHFs are MHFs where it is not clear which data is needed for the later steps of evaluating the function until the function is evaluated, while iMHFs are functions where there is no such ambiguity. <!-- this is probably a very confusing explanation, need to change! --> Examples of dMHFs are [[scrypt]] and [[Argon2]]d. Examples of iMHFs are [[Argon2]]i and [[catena (cryptography)|catena]]. Many of these MHFs are developed to be used as [[key derivation function|password hashing function]]s exactly because of their memory hardness.
A notable problem of dMHFs is that they are prone to [[side-channel attack]]s like cache timing. People tend toward iMHFs for this reason, especially for password hashing. However, iMHFs are mathematically proven to have weaker memory hardness properties than dMHFs.<ref>Alwen, J., Blocki, J. (2016). [https://doi.org/10.1007/978-3-662-53008-5_9''Efficiently Computing Data-Independent Memory-Hard Functions.'']</ref>
==Construction==
| |||