| With the popularization of mobile Internet,information security has attracted more and more attention.Traditional password hashing schemes implement the protection of private information based on hash functions,and are widely used in fields such as user password encryption storage and private key generation.However,with the development of hardware technology,the emergence of parallel computing chips such as GPU,FPGA and ASIC has greatly accelerated the attacker’s brute force cracking of password hashing schemes.The emergence of ASIC chips also poses a huge security threat to the common consensus algorithm in the blockchain——the proof-of-work mechanism.This paper conducts an in-depth study on the memory-hard password hashing scheme,and improves the overall memory consumption of the password hashing scheme to resist bruteforce cracking attacks of parallel computing chips.At the same time,combined with the memory-hard password hashing scheme,the research is carried out on the proof-of-work mechanism of the blockchain to deal with the security threat brought by ASIC chips.This paper proposes the memory-hard password hashing scheme MH-PBKDF2 algorithm based on the standardized scheme PBKDF2.MH-PBKDF2 saves the calculation results during multiple iterations and introduces additional callback operations to complete the filling and calling of the memory data,so as to achieve memory difficulties with acceptable additional time overhead to resist parallel computing chips Brute force attack.MH-PBKDF2 parameterizes the times of callback to achieve flexible control of the callback operation.This paper conducts a comprehensive analysis of the security of MH-PBKDF2,and conducts experimental tests on time-memory trade-off attacks under different storage strategies.The results show that MH-PBKDF2 has effective resistance to time-memory trade-off attacks.This paper analyzes the mechanism of the proof-of-work combined with memoryhard password hashing schemes.By simultaneously verifying both the memory space and computing power of the prover,the centralization of computing power caused by ASIC chips in traditional proof-of-work mechanism is avoided,thereby improving the overall security of the blockchain.In this paper,MH-PBKDF2 is used to improve the memory-hard proof-of-work mechanism,which improves the resistance of the memoryhard proof-of-work mechanism against pre-computed time-memory trade-off attacks. |
