lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 14 Sep 2013 08:11:50 -0700
From: Watson Ladd <watsonbladd@...il.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Fwd: [crypt-dev] Password Scrambling

On Sat, Sep 14, 2013 at 5:10 AM, Krisztián Pintér <pinterkr@...il.com> wrote:
>
>
> about catena, http://eprint.iacr.org/2013/525
>
> i was about to open a conversation on iacr, but i can't register for some reason.
>
> on another forum, the concern came up that catena memory hardness might not hold on shared memory multi-cpu systems.
>
> i have an idea how to alter the black pebble game so it would model such systems.
>
> in the traditional game, one move is defined as
>
> 1. place a pebble if prev nodes are pebbled
> 2. remove a pebble
> 3. move a pebble (combined 1 and 2)
>
> in the parallel model, one move would be
>
> 1. place any number of pebbles if prev nodes are pebbled before the step
> 2. remove any number of pebbles
> 3. move any number of pebbles (combined 1 and 2)

The issue here is the hidden pebble: In the pebble game we need
temporary storage for the computed result.
For example, take a bipartite graph. Then your parallel game lets it
be done in one step, but this is only true if you have N processors.
What's needed is limiting the number of pebbles in each step to k,
where k is the number of processors.

Circuit complexity is probably what we really want to deal with.
>
>
> basically it would allow doing multiple steps in parallel if they don't depend on each other.
>
> maybe worth checking how catena performs in this model.
>
>
>
> > ---------- Forwarded message ----------
> > From: Christian Forler <christian.forler@...-weimar.de>
> >  Date: Mon, Sep 2, 2013 at 12:58 PM
> > Subject: Re: [crypt-dev] Password Scrambling
> > To: crypt-dev@...ts.openwall.com
>
>
> > On 18.01.2013 22:13, Christian Forler wrote:
> >   [...]
> >
> >> Anyway! In the next couple of weeks, we will write an academic paper
>  >> introducing a new password scrambler (key derivation function). After
>  >> that, I will try to supply you with an abbreviated version of our
>  >> extended abstract, if desired.
> >
> >
> >
> > Sorry, for the long delay. But this work took a little longer than
> >  expected. Nevertheless, we came up with Catena, a new memory-hard
> >  password scrambler based on the bit reversal function. A detailed
> >  description of our scheme is available on eprint
> >  (http://eprint.iacr.org/2013/525).
> >
> >  We hope you enjoy this work, and we look forward to fruitful
> >  discussions, comments, and criticism (on this mailing list).
> >
> >  Kind regards,
> >  Christian
> >
> >
> >
> >
>
>
>
> -----
>



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin

Powered by blists - more mailing lists