Include the iteration when deriving the pseudorandom bytes

As discussed in #14. May switch this from the salt to spaceCost, timeCost, and parallelism as well.
samuel-lucas6 · Jun 23, 2024 · 51d3853 · 51d3853
1 parent 7b41439
commit 51d3853
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/draft-lucas-balloon-hashing.md b/draft-lucas-balloon-hashing.md
@@ -296,7 +296,7 @@ emptyKey = ByteArray(0)
 previous = buffer[spaceCost - 1]
 for t = 0 to timeCost - 1
     for m = 0 to spaceCost - 1
-        pseudorandom = PRF(ZeroPad(emptyKey, HASH_LEN), LE64(counter++) || salt)
+        pseudorandom = PRF(ZeroPad(emptyKey, HASH_LEN), LE64(counter++) || LE64(iteration) || salt)
         other1 = ReadLE64(pseudorandom.Slice(0, 8)) % spaceCost
         other2 = ReadLE64(pseudorandom.Slice(8, 8)) % spaceCost
         other3 = ReadLE64(pseudorandom.Slice(16, 8)) % spaceCost