lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 17 Feb 2013 00:45:16 -0600
From: Jeffrey Goldberg <>
To: "" <>
Cc: Peter Gutmann <>
Subject: Re: [PHC] Any "large verifiers" on the panel?

On 2013-02-16, at 10:34 PM, Peter Gutmann <> wrote:

> Jeffrey Goldberg <> writes:
>> Basically, it would be really sucky to settle upon a winner and then have
>> sites and services say, "we won't use that because we can't manage our
>> verification costs the way we need to."
> This is why I asked for an asymmetric option for the CFP, alongside the O( n )
> everywhere for smaller sites we also need an O( 1 ) on the server, O( n ) on
> the client for larger users, so some sort of trapdoor-function iterated-
> hashing mechaism perhaps.

I am neither a cryptographer nor a hacker, so forgive me if this question
is naive. Any asymmetric scheme will require some secret key to be available to
the legitimate verifier at verification time (right?). And if so, shouldn't we 
expect that the same compromises that would get the password hashes would also get
at that secret?

If there is something that I'm missing here, please feel free to point me toward what
I should be reading.



Powered by blists - more mailing lists