Itsuku: a Memory-Hardened Proof-of-Work Scheme

Proof-of-Work (PoW) schemes allow to limit access to resources or to share rewards for cryptocurrency mining. The MTP-Argon2 PoW by Biryukov and Khovratovich is loosely based on the Argon2 memory-hard password hashing function. Several attacks have been published. We introduce a new transposed parallel implementation attack which achieves higher performance by circumventing apparent bandwidth requirements. We then present Itsuku, a new scheme that fixes known issues by changing MTP-Argon2 parameters and adds new operations to improve memory hardness. Our scheme is built on a simple security criterion: any implementation which requires half the memory or less should induce at least a × 64 computation cost for difficulty d ≤ 100. The Itsuku proof size is typically 1/16th of the initial scheme, while providing better memory hardness. We also describe high-end hardware designs for MTP-Argon2 and Itsuku.