lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 17 Aug 2013 17:24:09 +0200
From: Jean-Philippe Aumasson <>
Subject: Tweak to the call for submissions

After discussions between panel members, the PHC call now requires
that submission be able to produce 32-byte hash values (rather than

A motivation for this is to make sure that the hashing scheme can
directly be used for derivation of 256-bit keys.

I also added a clarification regarding the API:

The API should include, but may not be limited to, a function with the
following prototype:
int PHS(void *out, size_t outlen, const void *in, size_t inlen, const
void *salt, size_t saltlen, unsigned int t_cost, unsigned int m_cost);
The t_cost and m_cost arguments are intended to parameterize time and
memory usage, respectively, however this is not a strict requirement
(only one parameter may be effective, m_cost might affect time, etc.).

Powered by blists - more mailing lists