Toy VS phc-winner-argon2

Over the last couple months or so, I've totally lost my creative spark. I'd been working on a web game and a programming language for 3.5 years and 1 year, respectfully, but both of them reached a point where I don't know what to do next...

Context: I've made my own programming language (Toy), and I'm currently working on a game + engine to go with it. Having some experience with npm, I realize that it might be possible to make something similar to download Toy scripts directly into a mods folder in the game.

Funnily enough, I'm working on a custom scripting language implemented in C. Given how slow Python is, I couldn't implement my lang in it.

People need to promote their langs more - get them out there, you know? Usage is the only way they'll survive.

So I've made my own scripting language called Toy. It was built primarily in a WSL environment, using GCC - the problem is, I also want to support MSVC out of the box. I think it works pretty well as is, with a Visual Studio project provided alongside some makefiles.

And then I wrote the exact same code in JavaScript and C, and compared them. The result was quite good, IMO -

C/C++ is crunchy in a good way, Java is like chewing concrete. JavaScript used to be soft and smooth, but after making my own programming language (which felt silky smooth), JavaScript now feels too soft and sticky.

I'm making a programming language called Toy, which is intended to allow easy modding of video game logic by the players. To this end, each value within Toy, be it a number, a string, a variable name, etc. is stored in a structure called "Toy_Literal".

Don't forget the semicolon.

The goal was partially to make a good jam game, and also to test my custom scripting language Toy. Unfortunately, a combination of a new, crappier computer and the fact that it's an untested lang and engine means that it's really friggin' slow - I'm struggling to get 60fps, even when the simulation rate was adjusted.

Argon2, and it's derivations, are all memory hard. Beyond that, why change from 2i to 2id?

''Even though https://github.com/p-h-c/phc-winner-argon2 was standardized only somewhat recently, it is the result of the https://password-hashing.net/ and was a late re-design of Argon which also picked up ideas from a few other finalists. Since then there have been attacks on it, which caused the scheme to be tweaked to counter them better, this is why we have Argon2 v1.3 as the most current version, you may want to note that most of these attacks mostly weakened Argon2i and not Argon2d. Now during the competition results came up that your defense against time-memory trade-off attacks will suffer if you make sure that your scheme is immune to the various kinds of side-channel attacks that people have come up with (which also includes more "crazy" stuff like leaked intermediate state). Because of this, it was decided that there should be two versions: Argon2i and Argon2d. One offering the best possible protection while trying its best to be immune against side-channel attacks (by using data- and password-independent memory access patterns) and the other dropping these requirements and all-out optimizing against such attacks (by using data- and possibly password-dependent memory access patterns). Argon2d offers better protection than Argon2i at the expense of being more vulnerable to side-channel attacks. Now you have to ask yourself: Do these apply? No, not really. You said that you are on Android, which is not exactly known for high platform security, so if you have an attacker in such a privileged position to execute something like cache-timing attacks or similar attacks that try to exploit memory access patterns, your user has already much bigger problems anyways. It's a similar logic as with AES: https://en.wikipedia.org/wiki/Advanced\_Encryption\_Standard#Side-channel\_attacks, but these have never been observed in the wild, probably because other options are much easier, more reliable and equally as effective. So the conclusion is: You want to use Argon2d. So for whom is Argon2i? People who need to run applications on shared hardware or where timing attacks are a real thread. For example if you run a webserver in a public cloud on shared hardware. Then you have to be worried about who else is on the same CPU. And with webservers it's also easier to measure the timing of reactions and trying to deduce information from that."

And if you don't like my code you should take a look at the reference implementation.

AFAIK, Argon2 is the algorithm that's currently recommended for this. OpenSSL doesn't have support for it, so I'd recommend using the Argon2 reference implementation instead.

Which one should I use in terms of performance/standards? How about their performances comparing to the c implementation, https://github.com/P-H-C/phc-winner-argon2?

Did you try the Argon2 test vectors on each? They should all come out the same for both implementations, any implementation that doesn't match the test vectors is buggy.

> Is there anything stronger than blowfish?

I think you mean bcrypt..

Both Argon2 and scrypt win over that:

https://github.com/P-H-C/phc-winner-argon2

Here is the documentation for Argon2 to see why and how it's different, also why it won an award: https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf