Newsgroups: php.internals
Date: Wed, 4 Oct 2023 19:07:53 -0500 (CDT)
To: Tim Düsterhus, PHP internals
Message-ID: <263398749.1356563.1696464473187@email.ionos.com>
Subject: Re: [PHP-DEV] [VOTE] Increasing the default BCrypt cost
From: steve@tobtu.com

I know I'm late, but bcrypt cost 12 (which looks like the winner) is high. Cost 12 is ~1 kH/s/GPU and the accepted limit for good settings is <10 kH/s/GPU. Cost 12 is 10x stronger than it needs to be as a *minimum*. I believe cost 10 is a good *default* for the next 1-3 years and cost 11 should be good for the next 5-10 years.

There are two methods for picking settings: defender takes ≲100 ms and attacker gets <10 kH/s/GPU. Costs 9, 10, and 11 are the only ones that meet both limits (cost 11 for some defenders).

Also, the poll for increasing from cost 11 to cost 12 should be a 2/3 majority to get cost 12, since the poll for increasing from cost 10 to cost 11 is a 2/3 majority. You can think of this as a 2/3 majority poll to increase to cost 11 followed by a 2/3 majority poll to increase to cost 12.
> On 09/21/2023 12:26 PM CDT Tim Düsterhus wrote:
>
> Hi
>
> I just opened the vote for the "Increasing the default BCrypt cost" RFC.
> The RFC contains two votes, one primary vote that requires a 2/3
> majority to pass and a secondary vote deciding on the new costs with a
> simple majority. Voting runs 2 weeks until 2023-10-05 17:45 UTC.
>
> Please find the following resources for your references:
>
> RFC Text: https://wiki.php.net/rfc/bcrypt_cost_2023
> Discussion Thread: https://externals.io/message/121004
> Feedback by a Hashcat team member on Fediverse:
> https://phpc.social/@tychotithonus@infosec.exchange/111025157601179075
>
> Best regards
> Tim Düsterhus
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: https://www.php.net/unsub.php
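A way to apply the two limits from the message above to a concrete deployment, as an added example that is not part of the thread or of PHP itself: it times PHP's own password_hash() at each cost on the host it runs on, and scales the message's ~1 kH/s/GPU figure for cost 12 by a factor of two per cost step, since bcrypt's work doubles with each cost increment. The 100 ms and 10 kH/s/GPU thresholds and the cost-12 anchor are the message's numbers; the cost range and the sample count are assumptions.

```php
<?php
// Added example: find the bcrypt costs that satisfy both limits from the message.
//   defender: one password_hash() call takes no more than ~100 ms on this host
//   attacker: estimated throughput is below 10 kH/s per GPU
// Attacker anchor (~1 kH/s/GPU at cost 12) is the figure quoted in the message;
// bcrypt runs 2^cost rounds, so each cost step halves attacker throughput.

const DEFENDER_LIMIT_MS   = 100.0;
const ATTACKER_LIMIT_KHS  = 10.0;
const ANCHOR_COST         = 12;
const ANCHOR_KHS_PER_GPU  = 1.0;

// Estimated attacker throughput (kH/s per GPU) at a given cost.
function attackerKhs(int $cost): float
{
    return ANCHOR_KHS_PER_GPU * (2 ** (ANCHOR_COST - $cost));
}

// Median wall-clock time in ms for one password_hash() call at this cost.
function defenderMs(int $cost, int $samples = 3): float
{
    $times = [];
    for ($i = 0; $i < $samples; $i++) {
        $start = hrtime(true); // nanoseconds
        password_hash('benchmark-only-password', PASSWORD_BCRYPT, ['cost' => $cost]);
        $times[] = (hrtime(true) - $start) / 1e6;
    }
    sort($times);
    return $times[intdiv($samples, 2)];
}

// Costs in [$min, $max] that meet both the defender and the attacker limit.
// The range is an assumption; bcrypt itself accepts costs 4..31.
function acceptableCosts(int $min = 8, int $max = 14): array
{
    $ok = [];
    for ($cost = $min; $cost <= $max; $cost++) {
        $ms   = defenderMs($cost);
        $khs  = attackerKhs($cost);
        $pass = ($ms <= DEFENDER_LIMIT_MS) && ($khs < ATTACKER_LIMIT_KHS);
        printf("cost %2d: defender %7.1f ms   attacker ~%6.2f kH/s/GPU   %s\n",
            $cost, $ms, $khs, $pass ? 'ok' : '--');
        if ($pass) {
            $ok[] = $cost;
        }
    }
    return $ok;
}

echo 'costs meeting both limits on this host: ' . implode(', ', acceptableCosts()) . PHP_EOL;
```

The attacker column is independent of the host; only the defender column changes from machine to machine, which is why the message notes that cost 11 fits "for some defenders".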