lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 2 Apr 2014 13:36:16 -0400
From: Bo Zhu <bo.zhu@...terloo.ca>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Endian Issue in Catfish

Sorry if I am making you more confused.

By "chose little endian to be compatible with Keccak", I meant we are
trying to use the same bit and byte ordering conventions as Keccak's, in
order to avoid possible confusions when someone wants to implement both
Keccak and Catfish by himself/herself.
But it should not matter if you treat Keccak as a black box and just link
some Keccak libs.

If you are interested, you can read more info about Keccak's bit/byte
ordering in its specs at
http://keccak.noekeon.org/Keccak-implementation-3.2.pdf.  (Sec 1.2, Page 9).

Thanks.

--Bo




On Wed, Apr 2, 2014 at 1:24 PM, Steve Thomas <steve@...tu.com> wrote:

>
> On April 2, 2014 at 12:13 PM Bo Zhu <bo.zhu@...terloo.ca> wrote:
>
>  Hi Steve,
>
> Thanks for your interest in our design and especially the source code.
>
> The pkhash_slow() was modified from one piece of old code, and it was
> using big endian.
> I was in a hurry to complete the C ref code to be submitted to the
> competition.
> That's the reason why it seems a little weird.
>
> We chose little endian to be compatible with Keccak and other minor
> issues.
> It is perfectly fine if you can implement the pkhash in little endian.
>
> Best,
> Bo
>
>
>  On Wed, Apr 2, 2014 at 1:06 PM, Steve Thomas <steve@...tu.com> wrote:
>
>   I think there is an issue with endian in Catfish. E verywhere in
> catfish() it is little
>  endian until it gets  passed into pkhash_slow() then it thinks it's big
> endian and
>  "in" is  "reverse for little-endian". Then is used as little endian.
> Although this
>  doesn't really matter since the input  is  from keccak. It just seems
> weird.
>
>   I guess I'm either confused or being confusing, are you suppose to read
> the output
>  of  keccak as little or big endian .
>
>

Content of type "text/html" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ