Password Hashes, Again

[Vlad Dascalu]

> Of course, this will change as effects/etc GPU's are used for become
> ever more complex.
> I wouldn't expect this particular limitation to last for very long.
> It was only a short time ago that GPU's basically had *no* local ram.

Due to paralelization, it's much more expensive for them to match our
RAM requirements: There's nothing which prevents us from implementing
a hash computation algorithm requiring 20 MB of addressable RAM for
each login procedure, and this would be a show-stopper for most
attackers as they cannot afford that much RAM per individual worker.