| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 02 Oct 2014 08:47:37 -0400 From: Bill Cox <waywardgeek@...hershed.org> To: discussions@...sword-hashing.net Subject: Re: [PHC] Design Rationale and Security Analysis of PHC candidates -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/02/2014 06:50 AM, Dmitry Khovratovich wrote: > The value "Explored" stands for the case when the designers > actually try to mount a collision/preimage attack on their design > and show why it fails Sorry about my language in my previous post. The paper, "Design Rationality and Security Analysis of PHC Candidates: Overview", has very many incorrect statements, and the table, showing Argon to be as good or better than every other entry in every aspect considered except complexity, is based on nothing but the author's incorrect opinion of his work compared to other entries. No proof whatsoever of any claim is presented. It also ignores attacks made on his entry, including my highly parallel attack that shows Argon is not in it's current form safe for use. As just one example, Gambit, which uses Keccak on all input parameters to properly derive a cryptographically secure initial key, making it a "strongly secure" entry, is listed as having only "claimed" basic security. Compared to Argon, which leaves the password in plain text in memory for a long time, where it is likely to be written to disk, Gambit has excellent "Basic cryptography". I am not sure how to respond to papers like this that look professional, but are nothing more than a sales pitch, when the material being sold is highly insecure. This follows a paper described by the author as a proper "cryptanalysis", which uses ASICs that require Unobtainium to build. Bill -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJULUlmAAoJEAcQZQdOpZUZrKMQAKbBnfOjmk7KemaL9nevLApD wF4BjidVu8TBRpX18dRNTx2Is045zipuexPjGVk1wYaPX3wmzmdqz6D1VADyC/vZ F5JlhTI9A9/fkfgwzH8ZjPqtB0S5ok5oUftduVOjt7VUEIqOcGTI7W6scMg5/iwv iFfAnRdctKaWmpDv0idGs9N8sS8Titor+dyLL76JTzEKIwHUrpO4V0t38zfHZ9Ta lRm9jMiF/uUpcStTbrQUQt0twZDRdu+jNRkB0dctUVpy3wgwl8ryn/a0pNsIsbFs KYopmcvpMGoM7N7xjry/EV+dVSrc5sDKOLQl2YgL2BoXvTjTX2WQx/wtr/cyi8b+ mziOEIDhn/x3EXz6A6qzivEts9NNTmU8JUc6swxqXh3G0D3V8Uc42MUDpwGXsnjP kYJBEtbSjZ1HUTUO47RcipJXSp5O2xs5idb4Be1s3WTMwQFNOYLTWYDI9Bgu0uyP Z1mldGmE6r284Z1rW5M8AD4xbnENYkqRPPp8sDMfDYfj+OQcZJJbOwCtvpfSA4Wc ODUHrFET9WHdZpnNlmFDknDUgjXuOzdII64zbwsxl1dveaeFPT/W19Q6nKFWzcTy R1AaVEf3EG8gb7h6hv2tubBa3gdPc8VHDVUjyzNaMGx9WWtUjGNW3Rw09WQUeSn2 GVBT2iGEGsMtcu2+NrrT =Ctem -----END PGP SIGNATURE-----
Powered by blists - more mailing lists