| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5120951F.8000303@bindshell.nl> Date: Sun, 17 Feb 2013 00:30:23 -0800 From: Jeremi Gosney <epixoip@...dshell.nl> To: discussions@...sword-hashing.net Subject: Re: [PHC] Any "large verifiers" on the panel? On 2/16/2013 10:45 PM, Jeffrey Goldberg wrote: > On 2013-02-16, at 10:34 PM, Peter Gutmann <pgut001@...auckland.ac.nz> wrote: > >> Jeffrey Goldberg <Jeffrey@...dmark.org> writes: >> >>> Basically, it would be really sucky to settle upon a winner and then have >>> sites and services say, "we won't use that because we can't manage our >>> verification costs the way we need to." >> This is why I asked for an asymmetric option for the CFP, alongside the O( n ) >> everywhere for smaller sites we also need an O( 1 ) on the server, O( n ) on >> the client for larger users, so some sort of trapdoor-function iterated- >> hashing mechaism perhaps. > I am neither a cryptographer nor a hacker, so forgive me if this question > is naive. Any asymmetric scheme will require some secret key to be available to > the legitimate verifier at verification time (right?). And if so, shouldn't we > expect that the same compromises that would get the password hashes would also get > at that secret? Correct. You have to assume that if the passwords are compromised, the encryption key is as well.
Powered by blists - more mailing lists