HOME

TheInfoList



Click Here for Items Related To - Balloon hashing
OR:
Balloon hashing on:   [Wikipedia]   [Google]   [Amazon]

Balloon hashing is a key derivation function presenting proven memory-hard password-hashing and modern design. It was created by
Dan Boneh Dan Boneh (; he, דן בונה) is an Israeli-American professor in applied cryptography and computer security at Stanford University. In 2016, Boneh was elected a member of the National Academy of Engineering for contributions to the theory an ...
, Henry Corrigan-Gibbs (both at
Stanford University Stanford University, officially Leland Stanford Junior University, is a private research university in Stanford, California. The campus occupies , among the largest in the United States, and enrolls over 17,000 students. Stanford is consider ...
) and Stuart Schechter (
Microsoft Research Microsoft Research (MSR) is the research subsidiary of Microsoft. It was created in 1991 by Richard Rashid, Bill Gates and Nathan Myhrvold with the intent to advance state-of-the-art computing and solve difficult world problems through technologi ...
) in 2016. It is a recommended function in NIST password guidelines.NIST SP800-63B Section 5.1.1.2
/ref> The authors claim that Balloon: * has ''proven'' memory-hardness properties, * is built from standard primitives: it can use any standards non-space-hard
cryptographic hash function A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output re ...
as a sub-algorithm (e.g.,
SHA-3 SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015. Although part of the same series of standards, SHA-3 is internally different from the MD5-like struc ...
,
SHA-512 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression ...
), * is resistant to
side-channel attack In computer security, a side-channel attack is any attack based on extra information that can be gathered because of the fundamental way a computer protocol or algorithm is implemented, rather than flaws in the design of the protocol or algori ...
s: the memory access pattern is independent of the data to be hashed, * is easy to implement and matches the performance of similar algorithms. Balloon is compared by its authors with
Argon2 Argon2 is a key derivation function that was selected as the winner of the 2015 Password Hashing Competition. It was designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from the University of Luxembourg. The reference implementation o ...
, a similarly performing algorithm.


Algorithm

There are three steps in the algorithm: # Expansion, where an initial buffer is filled with a
pseudorandom A pseudorandom sequence of numbers is one that appears to be statistically random, despite having been produced by a completely deterministic and repeatable process. Background The generation of random numbers has many uses, such as for rand ...
byte sequence derived from the password and salt repeatedly hashed. # Mixing, where the bytes in the buffer are mixed ''time_cost'' number of times. # Output, where a portion of the buffer is taken as the hashing result.


References


External links


Research prototype code on Github

Python implementation

Rust implementation
* * {{Cryptography navbox , hash category:Key derivation functions