Argon2id Speed & Memory: Calculating Derivation Rate

TL;DR

This guide shows you how to estimate Argon2id key derivation speed (iterations per second) and memory usage, helping you choose the right settings for strong cyber security without crippling performance. We’ll cover practical calculations and tools.

Understanding Argon2id Parameters

Argon2id uses three main parameters:

  • Time Cost (t): The number of iterations. Higher = slower, more secure.
  • Memory Cost (m): The amount of RAM used in kilobytes. Higher = more secure, needs more memory.
  • Parallelism (p): How many threads to use. Usually matches your CPU cores.

The derivation rate is how quickly Argon2id can generate a key given these settings. A faster rate means quicker password checking but potentially less security if the parameters are too low.

Calculating Derivation Rate

It’s tricky to calculate *exactly* without testing, but we can estimate. The actual speed depends on your CPU and RAM. Here’s how:

Step 1: Estimate Memory Bandwidth

  1. Find Your RAM Speed: Determine the speed of your system’s RAM in GB/s. You can use tools like Crucial System Scanner or check your motherboard specifications.
  2. Calculate Bandwidth in KB/s: Convert GB/s to KB/s by multiplying by 1024 twice (GB -> MB -> KB). For example, 32 GB/s RAM becomes 32 * 1024 * 1024 = 32768 KB/s.

Step 2: Estimate Iterations Per Second

  1. Basic Formula: A rough estimate is (Memory Bandwidth in KB/s) / (Memory Cost * 4). Argon2id reads and writes memory, so we divide by 4 to account for this.
  2. Example: If your RAM bandwidth is 32768 KB/s and you’re using a Memory Cost of 65536 KB (64MB), the estimated iterations per second would be 32768 / (65536 * 4) = 1.25 iterations/second.
  3. Account for Parallelism: Multiply the result by your Parallelism value. If you have 4 cores, it becomes 1.25 * 4 = 5 iterations/second.

Step 3: Adjust Time Cost

Now that you know the estimated iterations per second, adjust the Time Cost (t) to achieve a desired derivation time.

  • Desired Derivation Time: Aim for at least 0.5 – 1 second per password check for good security.
  • Calculate Required Time Cost: Divide your desired derivation time in seconds by the estimated iterations per second. For example, if you want 1 second and have 5 iterations/second, t = 1 / 5 = 0.2. Round this *up* to a whole number (e.g., 1).

Practical Testing with `argon2-cli`

The best way is to test on your target hardware.

Step 4: Install Argon2 CLI

  1. Linux (Debian/Ubuntu):
    sudo apt update && sudo apt install argon2-cli
  2. macOS (Homebrew):
    brew install argon2-cli
  3. Windows: Download from argon2-cffi GitHub and add to your PATH.

Step 5: Run a Benchmark

Use the `argon2-cli` tool to benchmark different parameter combinations.

    argon2-cli --time 1 --memory 64M --parallelism 4 --type Argon2id

This command tests Argon2id with a time cost of 1 iteration, 64MB memory, and 4 threads. Adjust the values to see how performance changes.

Step 6: Interpret Results

The output will show you the actual derivation time. If it’s too fast (less than 0.5 seconds), increase the Time Cost. If it’s too slow, reduce either Time Cost or Memory Cost (but be careful reducing security!).
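The measure-and-adjust loop from Steps 5 and 6 can also be automated. The following is an added Python example, not code from the original page or from the `argon2-cli` tool. It assumes the argon2-cffi package is installed for the real run; the function names and the sample password and salt are constructed for illustration.

```python
import statistics
import time


def argon2id_derive(t, memory_kib, parallelism):
    """One Argon2id derivation via argon2-cffi (assumed installed)."""
    from argon2.low_level import Type, hash_secret_raw
    return hash_secret_raw(
        secret=b"constructed-benchmark-password",  # constructed sample input
        salt=b"constructed-salt",                  # constructed, 16 bytes
        time_cost=t, memory_cost=memory_kib, parallelism=parallelism,
        hash_len=32, type=Type.ID)


def measure(derive, t, memory_kib, parallelism, runs=3, clock=time.perf_counter):
    """Median wall-clock seconds over `runs` derivations at these settings."""
    samples = []
    for _ in range(runs):
        start = clock()
        derive(t, memory_kib, parallelism)
        samples.append(clock() - start)
    return statistics.median(samples)


def calibrate_time_cost(derive, memory_kib, parallelism, low_s=0.5, high_s=1.0,
                        max_t=32, clock=time.perf_counter):
    """Raise t from 1 until a derivation takes at least low_s seconds.

    Returns (t, seconds, verdict): "ok" inside the low_s..high_s window,
    "too slow" when the first t reaching low_s already exceeds high_s,
    "too fast" when even max_t stays under low_s.
    """
    secs = 0.0
    for t in range(1, max_t + 1):
        secs = measure(derive, t, memory_kib, parallelism, clock=clock)
        if secs >= low_s:
            return t, secs, "ok" if secs <= high_s else "too slow"
    return max_t, secs, "too fast"


if __name__ == "__main__":
    # 64 MB and 4 threads, matching the benchmark command in Step 5.
    t, secs, verdict = calibrate_time_cost(argon2id_derive, 64 * 1024, 4)
    print(f"t={t} m=65536 KiB p=4 -> {secs:.3f} s per derivation ({verdict})")
```

Run it on the machine that will verify passwords in production, since a result from a faster workstation will understate the time cost needed there.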

Recommended Settings

These are starting points; always test on your hardware.

  • Moderate Security: t=3, m=64MB, p=4
  • High Security: t=5, m=128MB, p=4