summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2013-04-05 11:38:02 +0000
committerChristian Grothoff <christian@grothoff.org>2013-04-05 11:38:02 +0000
commitf215983130428573f83a99628f8e450c2a761f65 (patch)
tree70b611302b9ed76c045d684ecf27e2b633da17a4 /src
parent893acb679e80a7ad9c38885711139a9619fb4c6c (diff)
use SCRYPT - fixing # 2685, needs LATEST libgcrypt (Git from today)
Diffstat (limited to 'src')
-rw-r--r--src/nse/gnunet-service-nse.c2
-rw-r--r--src/nse/nse.conf.in23
-rw-r--r--src/nse/perf_kdf.c2
3 files changed, 19 insertions, 8 deletions
diff --git a/src/nse/gnunet-service-nse.c b/src/nse/gnunet-service-nse.c
index 2b7b3f8ee..d427602d1 100644
--- a/src/nse/gnunet-service-nse.c
+++ b/src/nse/gnunet-service-nse.c
@@ -492,7 +492,7 @@ pow_hash (const void *buf,
{
GNUNET_break (0 ==
gcry_kdf_derive (buf, buf_len,
- GCRY_KDF_PBKDF2 /* FIX: use SCRYPT! */,
+ GCRY_KDF_SCRYPT,
1 /* subalgo */,
"gnunet-proof-of-work", strlen ("gnunet-proof-of-work"),
2 /* iterations; keep cost of individual op small */,
diff --git a/src/nse/nse.conf.in b/src/nse/nse.conf.in
index 84bbef5c5..64e07945e 100644
--- a/src/nse/nse.conf.in
+++ b/src/nse/nse.conf.in
@@ -11,18 +11,29 @@ UNIX_MATCH_UID = NO
UNIX_MATCH_GID = YES
PROOFFILE = $SERVICEHOME/.nse-proof
-# The directory where the NSE services logs timestamps everytime a size estime
-# flooding message is received
+# The directory where the NSE services logs timestamps everytime
+# a size estime flooding message is received
+# This option is only used for benchmarking, not in production.
HISTOGRAM_DIR = $SERVICEHOME
# How 'slowly' should the proof-of-work be constructed (delay
# between rounds); sane values between 0 and ~1000.
+# It should rarely make sense to change this value.
+# Only systems with slow CPUs where 5ms is a long time might
+# want it to be reduced.
WORKDELAY = 5 ms
# Note: changing any of the values below will make this peer
-# completely incompatible with other peers!
+# completely incompatible with other peers!
+
+# How often do peers exchange network size messages?
+# Note that all peers MUST use the same interval.
+# DO NOT CHANGE THIS VALUE, doing so will break the protocol!
INTERVAL = 1 h
-# 26 is about 100 minutes on a modern i7 (single-core) for PBKDF2;
-# need to re-calibrate once we have SCRYPT!
-WORKBITS = 26
+
+# 2^22 hash operations take about 2-3h on a modern i7 (single-core)
+# for SCRYPT; with 2ms/op and 5ms workdelay, we can expect
+# the POW calculation to be done by a high-end peer in about 6h
+# DO NOT CHANGE THIS VALUE, doing so will break the protocol!
+WORKBITS = 22
diff --git a/src/nse/perf_kdf.c b/src/nse/perf_kdf.c
index e462c129f..fbc846ac2 100644
--- a/src/nse/perf_kdf.c
+++ b/src/nse/perf_kdf.c
@@ -45,7 +45,7 @@ pow_hash (const void *buf,
{
GNUNET_break (0 ==
gcry_kdf_derive (buf, buf_len,
- GCRY_KDF_PBKDF2 /* FIX: use SCRYPT! */,
+ GCRY_KDF_SCRYPT,
1 /* subalgo */,
"gnunet-proof-of-work", strlen ("gnunet-proof-of-work"),
2 /* iterations; keep cost of individual op small */,