Abstract. Memory-hard functions (MHFs) are a vital cryptographic tool to protect low-entropy secrets, such as user chosen passwords, against brute-force attacks. Although many candidate MHFs emerged during the Password Hashing Competition (2013–2015), scientific understanding of MHFs has advanced significantly since then. This talk will provide an overview of MHF research over the past decade, with key highlights including: (1) identifying weaknesses in early definitions of "memory-hardness," (2) developing improved security definitions for MHFs, (3) analyzing pebbling attacks on Argon2i (the PHC winner) and other proposed side-channel-resistant MHFs, (4) exploring the link between MHF security and the combinatorial graph-theoretic property known as depth-robustness, and (5) improved constructions of side-channel resistant MHFs. Additionally, the talk will address ongoing research challenges and offer the speaker's perspective on the standardization process for password hashing functions.
Suggested Readings: ia.cr/2016/115, ia.cr/2018/944, ia.cr/2022/832
Security and Privacy: cryptography