In the security considerations, it says: 1. Work Factor - To make brute force inversion hard, a cryptographic hash should be computationally expensive, especially for a general purpose processor. But FNV is designed to be very inexpensive on a general-purpose processor. (See Appendix A.)
As I understand it, the inversion resistance of crypto hash functions is not based on the computational cost of the function. A lot of effort is put in to making hashes fast, because they affect the performance of encrypted communication. AFAIK the term "work factor" is usually a synonym for the iteration count in higher-level functions like PBKDFs which want slowing down as computers get faster. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
