lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <03e70bbd2d9649c6bb19fbe4e46fe8e5@BLUPR03MB166.namprd03.prod.outlook.com>
Date: Wed, 7 Aug 2013 09:34:59 +0000
From: Marsh Ray <maray@...rosoft.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: RE: [PHC] A (naively?) simple PHC submission using hash chains


From: CodesInChaos [mailto:codesinchaos@...il.com]
Sent: Wednesday, August 7, 2013 2:21 AM
>
> `hash.call(salt, link)` is constant time. salt has constant
> size, link has constant size so the input has constant size.
> So it doesn't matter if I count compressions or invocations here.
> This doesn't hash the whole chain on each iteration. link != chain

Oh, right. OK I see.

So why then do you say:

> A defender with a standard computer has cost ptime*{pmem^2} instead.

In particular, where does he pay pmem^2 ?

(Except possibly with a pathological .prepend or .join implementation)

- Marsh


Content of type "text/html" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ