Disproving the Conjectures from “On the Complexity of Scrypt and Proofs of Space in the Parallel Random Oracle Model”

  • Daniel Malinowski
  • Karol ŻebrowskiEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10681)


In the paper “On the Complexity of Scrypt and Proofs of Space in the Parallel Random Oracle Model” (Eurocrypt 2016) Joël Alwen et al. focused on proving a lower bound of the complexity of a general problem that underlies both proofs of space protocols [Dziembowski et al. CRYPTO 2015] as well as data-dependent memory-hard functions like \(\mathsf {scrypt}\) — a key-derivation function that is used e.g. as proofs of work in cryptocurrencies like Litecoin.

In that paper the authors introduced a sequence \(\gamma _n\) and conjectured that this sequence is upper bounded by a constant. Alwen et al. proved (among other results) that the Cumulative Memory Complexity of the hash function \(\mathsf {scrypt}\) is lower bounded by \(\varOmega (n^2/(\gamma _n \cdot \log ^2(n)))\). If the sequence \(\gamma _n\) is indeed bounded by a constant then this lower bound can be simplified to \(\varOmega (n^2/\log ^2(n))\).

In this paper we first show that \(\gamma _n > c \sqrt{\log (n)}\) and then we strengthen our result and prove that \(\gamma _{n} \ge \frac{\sqrt{n}}{poly(\log (n))}\).

Alwen et al. introduced also a weaker conjecture, that is also sufficient for their results — they introduced another sequence \(\varGamma _n\) and conjectured that it is upper bounded by a constant. We show that this conjecture is also false, namely: \(\varGamma _n \ge c\sqrt{\log (n)}\).


  1. 1.
    Alwen, J., Chen, B., Kamath, C., Kolmogorov, V., Pietrzak, K., Tessaro, S.: On the complexity of scrypt and proofs of space in the parallel random oracle model. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 358–387. Springer, Heidelberg (2016). CrossRefGoogle Scholar
  2. 2.
    Alwen, J., Chen, B., Pietrzak, K., Reyzin, L., Tessaro, S.: Scrypt is maximally memory-hard. In: Coron, J.S., Nielsen, J. (eds.) Advances in Cryptology - EUROCRYPT 2017. EUROCRYPT 2017. LNCS, vol. 10212, pp. 33–62. Springer, Cham (2017).
  3. 3.
    Alwen, J., Serbinenko, V.: High parallel complexity graphs and memory-hard functions. In: STOC (2015)Google Scholar
  4. 4.
    Bollobás, B.: The chromatic number of random graphs (1988)Google Scholar
  5. 5.
    Dziembowski, S., Faust, S., Kolmogorov, V., Pietrzak, K.: Proofs of space. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 585–605. Springer, Heidelberg (2015). CrossRefGoogle Scholar
  6. 6.
    Ullman, D.H., Scheinerman, E.R.: Fractional graph theory: A rational approach to the theory of graphs (2013)Google Scholar
  7. 7.
    Mycielski, J.: Sur le coloriage des graphs. Colloquium Math. 3(2), 161–162 (1955)MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Park, S., Kwon, A., Alwen, J., Fuchsbauer, G., Gaži, P., Pietrzak, K.: SpaceMint: A Cryptocurrency Based on Proofs of Space. Cryptology ePrint Archive, Report 2015/528 (2015).
  9. 9.
    Percival, C.: Stronger key derivation via sequential memory-hard functions (2009)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.University of WarsawWarsawPoland

Personalised recommendations