lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 7 Sep 2013 18:25:48 +0400
From: Solar Designer <>
Subject: Re: [PHC] Terminology goals

On Fri, Sep 06, 2013 at 10:42:40PM -0700, Tony Arcieri wrote:
> What about calling them slow hashes?

FWIW, this is what we've been calling them in John the Ripper
development and usage context for a few years now, because we needed to
differentiate "fast" and "slow" hashes (of the hash types that JtR
supports) when talking about program structure, optimizations, usage
instructions (need to bother avoiding occasional duplicate candidate
passwords or not, etc).

A "slow" hash might not include a builtin salting mechanism (although in
practice they almost always do), whereas for PHC this is a requirement.
Yet I am fine with the "slow hashes" term.

That said, in PHC context, we've already started using "PHS", so perhaps
we should stick with that.


Powered by blists - more mailing lists