| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Mar 2015 17:18:20 +0100 From: Jakob Wenzel <jakob.wenzel@...-weimar.de> To: discussions@...sword-hashing.net Subject: Re: [PHC] PHC: survey and benchmarks -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 23.03.2015 17:10, Bill Cox wrote: > On Mon, Mar 23, 2015 at 9:00 AM, Jakob Wenzel > <jakob.wenzel@...-weimar.de <mailto:jakob.wenzel@...-weimar.de>> > wrote: > > -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > > On 23.03.2015 16:45, Bill Cox wrote: >> Hopefully they will take some feedback for corrections. They >> mistakenly call Yescrypt non-RAM hard and lump it with Makwa. >> They did not test it with significant men size either... >> > >> On Mar 23, 2015 7:08 AM, "Jean-Philippe Aumasson" >> <jeanphilippe.aumasson@...il.com >> <mailto:jeanphilippe.aumasson@...il.com> >> <mailto:jeanphilippe.aumasson@...il.com > <mailto:jeanphilippe.aumasson@...il.com>>> wrote: >> >> This just appeared: http://eprint.iacr.org/2015/265 >> > > Hi all, > > thanks to the authors for the benchmarking paper. Nevertheless, we > do not agree with the results for Catena since the authors in the > paper did not consider the current version of Catena (Catena v3.1) > which can be found here: > > http://www.uni-weimar.de/fileadmin/user/fak/medien/professuren/Mediensicherheit/Research/Publications/catena-v3.1.pdf > > > They refer to the version from December 2014 which does not contain > the latest tweaks such as: - reduced-round version of blake - > additional random layer - changed initialization phase - removed > SHA-512 from the parameter recommendations for the underlying hash > function - ... > > They also ignored the instance Catena-DBG, which was already > mentioned in the ePrint version. Before this paper will be used in > the decision process for the winner of the PHC, we would kindly > asked the authors to analyze the latest version of Catena (Catena > v3.1). > > Best regards, Jakob (on behalf of the Catena design team) > > > They similarly used older versions of Yescrypt, Lyra2, Argon, and > others, if I am not mistaken. I think this is no big deal for the > non-finalists, but the paper should be updated to reflect the > current state of all the finalists. They just mentioned in their conclusion: "We survey the first round results of the competition [...]" This might be ok. But they also wrote: "We contribute to the final selection of the winners by highlighting the efficiency of each finalist in terms of execution time, memory consumption and code size." Which does not make much sense since only the current versions are considered for the choice of the winner(s). > > It is nice to see some new independent analysis, though :-) Of course. It is always good to see that more and more people are analyzing PHC candidates! regards, jakob - -- Jakob Wenzel Research Assistant Chair of Media Security (Prof. Lucks) Bauhausstraße 11 (Room 217) 99423 Weimar -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJVEDzLAAoJEDFlRQsgEDnDn1AIAIDpA8A4dnAMepphr0qiZu3q Ovg+q4uqTeH8GwB7X2oKfVi05ssxa75OXwtDYs9sq1vtrecJtRjRcJOPvCh/6SGn UVJrTrycRnrvwnS6QxxM66wUnvVuabxjr+qYIrQcUClMGuX3W1A4rk3pDPW97U0k Ly0NSYVpMyOQRY8LBC8QJ7t5/dVun0BrNT9t+DUggcqi4VIX9WBi8X5O2X3nMVxe YLiUfg2P7zVZeWV/IwPHWsxjEAYuI63D2BXRet2y6wOx8AYYPUkR/dso9xEMrMy0 7tLkvc2gqDSDxdlsl5XTl4S5gl1Ghld9WH49E44DxtseFiepRnWgAOOV5Pqyiqs= =+vk0 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists