lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 14 Sep 2013 14:10:13 +0200
From: Krisztián Pintér <>
To: Patrick Mylund Nielsen <>
CC: "" <>
Subject: Re: [PHC] Fwd: [crypt-dev] Password Scrambling

about catena,

i was about to open a conversation on iacr, but i can't register for some reason.

on another forum, the concern came up that catena memory hardness might not hold on shared memory multi-cpu systems.

i have an idea how to alter the black pebble game so it would model such systems.

in the traditional game, one move is defined as 

1. place a pebble if prev nodes are pebbled
2. remove a pebble
3. move a pebble (combined 1 and 2)

in the parallel model, one move would be

1. place any number of pebbles if prev nodes are pebbled before the step
2. remove any number of pebbles
3. move any number of pebbles (combined 1 and 2)

basically it would allow doing multiple steps in parallel if they don't depend on each other.

maybe worth checking how catena performs in this model.

> ---------- Forwarded message ----------
> From: Christian Forler <>
>  Date: Mon, Sep 2, 2013 at 12:58 PM
> Subject: Re: [crypt-dev] Password Scrambling
> To:

> On 18.01.2013 22:13, Christian Forler wrote:
>   [...]
>> Anyway! In the next couple of weeks, we will write an academic paper
 >> introducing a new password scrambler (key derivation function). After
 >> that, I will try to supply you with an abbreviated version of our
 >> extended abstract, if desired.
> Sorry, for the long delay. But this work took a little longer than
>  expected. Nevertheless, we came up with Catena, a new memory-hard
>  password scrambler based on the bit reversal function. A detailed
>  description of our scheme is available on eprint
>  (
>  We hope you enjoy this work, and we look forward to fruitful
>  discussions, comments, and criticism (on this mailing list).
>  Kind regards,
>  Christian


Powered by blists - more mailing lists