16:58:35 <br-m> <samholmes:matrix.org> I'm researching the applications of RandomX for spam and KDF
16:59:52 <br-m> <samholmes:matrix.org> If any short-comings.* 
16:59:52 <br-m> <samholmes:matrix.org> My curiosity is why it wouldn't be used more often for KDFs considering it's strong ASIC resistance.
17:14:24 <br-m> <jpk68:matrix.org> I am not really qualified to answer this, however I believe the answer to a similar, previous question was that it isn't constant-time, thus making it unsuitable for such applications.
17:15:20 <br-m> <jpk68:matrix.org> Also, the fact that preimage resistance is important for password hashing (and isn't really something RandomX needs to have) could be concerning
17:15:26 <br-m> <jpk68:matrix.org> Argon2 is memory-hard anyways
17:59:40 <tevador> Correct. RandomX was not designed to be used with secret inputs.
19:45:37 <br-m> <samholmes:matrix.org> tevador: So given a hash there is a chance the pre-image can be reversed?
20:33:33 <tevador> It could be vulnerable to side channel attacks. For example, measuring how long it takes to calculate a hash can give some information about the input.
21:31:13 <br-m> <samholmes:matrix.org> Are side channel attacks the only concern here. What other considerations are there for KDFs?
21:35:35 <br-m> <samholmes:matrix.org> Also, the application I have in mind may not technically be a KDF. The concept is to derive a hash from some password/passphrase using n iterations of RandomX hashing where the delay is some significant amount of time (1 hour, 1 day, etc). This final hash is work done on the passphrase and can then be used to salt the pass [... too long, see https://mrelay.p2pool.observer/e/_PvaxYALRVp6dWZj ]