Memory-hard function

In cryptography, a memory-hard function (MHF) is a function that costs a significant amount of memory to efficiently evaluate.^[1] It differs from a memory-bound function, which incurs cost by slowing down computation through memory latency.^[2] MHFs have found use in key stretching and proof of work as their increased memory requirements significantly reduce the computational efficiency advantage of custom hardware over general-purpose hardware compared to non-MHFs.^[3]^[1]

^ ^a ^b Chen, Binyi (2019). Memory-Hard Functions: When Theory Meets Practice (Thesis). UC Santa Barbara.
^ Dwork, Cynthia; Goldberg, Andrew; Naor, Moni (2003). Boneh, Dan (ed.). "On Memory-Bound Functions for Fighting Spam". Advances in Cryptology - CRYPTO 2003. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer: 426–444. doi:10.1007/978-3-540-45146-4_25. ISBN 978-3-540-45146-4.
^ LIU, ALEC (2013-11-29). "Beyond Bitcoin: A Guide to the Most Promising Cryptocurrencies". Vice. Retrieved 2023-09-30.

[:0-1] Chen, Binyi (2019). Memory-Hard Functions: When Theory Meets Practice (Thesis). UC Santa Barbara.

[2] Dwork, Cynthia; Goldberg, Andrew; Naor, Moni (2003). Boneh, Dan (ed.). "On Memory-Bound Functions for Fighting Spam". Advances in Cryptology - CRYPTO 2003. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer: 426–444. doi:10.1007/978-3-540-45146-4_25. ISBN 978-3-540-45146-4.

[:1-3] LIU, ALEC (2013-11-29). "Beyond Bitcoin: A Guide to the Most Promising Cryptocurrencies". Vice. Retrieved 2023-09-30.

[1]

[2]

[3]