-
br-m<samholmes:matrix.org> > <tevador> It could be vulnerable to side channel attacks. For example, measuring how long it takes to calculate a hash can give some information about the input.
-
br-m<samholmes:matrix.org> Thinking about this one a bit when it comes to the concept for the VDF/KDF design which I’m dubbing “proofkeys” for now. A side-channel attack measuring the time it takes to hash isn’t necessarily possible if the time for the derived hash (key) is constant by setting (1 hour, 2 hours, etc.). The time spent hashing is th [... too long, see mrelay.p2pool.observer/e/-bfF2oILbFVCTjk4 ]
-
br-m<samholmes:matrix.org> The idea is to make the derived key from hashing a VDF where the time is not known to the attacker and requires brute-forcing through the space and time by requiring a search through the delay. This is merely to raise the cost to brute-force password guessing.