I know I'm late, but bcrypt cost 12 (which looks like the winner) is high. Cost 
12 is ~1 kH/s/GPU and the accepted limit for good settings is <10 kH/s/GPU. 
Cost 12 is 10x stronger than it needs to be as a *minimum*. I believe cost 10 
is a good *default* for the next 1-3 years and cost 11 should be good for the 
next 5-10 years.

There are two methods for picking settings: defender takes ≲100 ms and attacker 
gets <10 kH/s/GPU. Costs 9, 10, and 11 are the only ones that meet both limits 
(cost 11 for some defenders).

Also, the poll for increasing from cost 11 to cost 12 should be a 2/3 majority 
to get cost 12, since the poll for increasing from cost 10 to cost 11 is a 2/3 
majority. You can think of this as a 2/3 majority poll to increase to cost 11 
followed by a 2/3 majority poll to increase to cost 12.


> On 09/21/2023 12:26 PM CDT Tim Düsterhus <t...@bastelstu.be> wrote:
> 
>  
> Hi
> 
> I just opened the vote for the "Increasing the default BCrypt cost" RFC. 
> The RFC contains two votes, one primary vote that requires a 2/3
> majority to pass and a secondary vote deciding on the new costs with a 
> simple majority. Voting runs 2 weeks until 2023-10-05 17:45 UTC.
> 
> Please find the following resources for your references:
> 
> RFC Text: https://wiki.php.net/rfc/bcrypt_cost_2023
> Discussion Thread: https://externals.io/message/121004
> Feedback by a Hashcat team member on Fediverse: 
> https://phpc.social/@tychotithonus@infosec.exchange/111025157601179075
> 
> Best regards
> Tim Düsterhus
> 
> -- 
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: https://www.php.net/unsub.php
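The two limits from the reply above (defender spends about 100 ms per hash, attacker gets under 10 kH/s per GPU) can be checked against a given server with a short benchmark. The following PHP script is an added example, not code from the thread or the RFC; the attacker-side numbers are an estimate extrapolated from the reply's own figure (cost 12 at roughly 1 kH/s/GPU, halving per cost step), not a measurement.

```php
<?php
// Added example (not from the thread): time password_hash() at several bcrypt
// cost factors and compare each cost with the two limits from the message:
// defender <= ~100 ms per hash, attacker < 10 kH/s per GPU. The GPU figures
// are derived from the message's "cost 12 ~ 1 kH/s/GPU" by halving per cost
// step (bcrypt work doubles each step); they are an assumption, not measured.

declare(strict_types=1);

const DEFENDER_LIMIT_MS  = 100.0;  // ~100 ms per hash, from the message
const ATTACKER_LIMIT_HPS = 10_000; // < 10 kH/s/GPU, from the message
const REFERENCE_COST     = 12;     // message: cost 12 is ~1 kH/s/GPU
const REFERENCE_GPU_HPS  = 1_000;

/** Average wall-clock milliseconds for one password_hash() call at $cost. */
function bcryptMillis(int $cost, int $samples = 3): float
{
    $total = 0.0;
    for ($i = 0; $i < $samples; $i++) {
        $start = hrtime(true);
        password_hash('correct horse battery staple', PASSWORD_BCRYPT, ['cost' => $cost]);
        $total += (hrtime(true) - $start) / 1e6;
    }
    return $total / $samples;
}

/** Estimated attacker hash rate per GPU at $cost (doubles per cost step down). */
function estimatedGpuHps(int $cost): float
{
    return REFERENCE_GPU_HPS * 2 ** (REFERENCE_COST - $cost);
}

printf("%-5s %-10s %-14s %s\n", 'cost', 'server ms', 'est. GPU H/s', 'verdict');
foreach (range(9, 13) as $cost) {
    $ms  = bcryptMillis($cost);
    $hps = estimatedGpuHps($cost);
    $defenderOk = $ms <= DEFENDER_LIMIT_MS;
    $attackerOk = $hps < ATTACKER_LIMIT_HPS;
    $verdict = match (true) {
        $defenderOk && $attackerOk => 'meets both limits',
        $attackerOk                => 'too slow for this server',
        default                    => 'too weak against GPU cracking',
    };
    printf("%-5d %-10.1f %-14.0f %s\n", $cost, $ms, $hps, $verdict);
}
```

Run it on the machine that will actually verify logins, since the defender-side column depends entirely on that hardware; the attacker-side column only restates the reply's scaling argument.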