| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1582534452.20131209203018@gmail.com> Date: Mon, 9 Dec 2013 20:30:18 +0100 From: Krisztián Pintér <pinterkr@...il.com> To: discussions@...sword-hashing.net Subject: Re: [PHC] blakerypt sequential memory-hard function Stefan.Lucks@...-weimar.de (at Monday, December 9, 2013, 1:54:41 PM): > You know Boyen's halting password puzzles (for time usage, not really for > memory usage)? > https://crypto.stanford.edu/~xb/security07/index.html that is very interesting with two remarks: 1. this design uses indexing on secret. also, i'm not exactly a math person, but it appears to me that it is essential to the proof. if i'm not mistaken, basically it is a walk based on the secret, without which you "get lost in the forest". i wonder if you can circumvent this limitation. 2. though a good initiative, its benefits are not as huge as it first seems. we can't expect users to be very sophisticated with their choice of parameters. to be user friendly, you probably want to offer some preset values, and not just run-till-stopped. and therefore we can kind of expect the running time to be guessable. it is also easy to listen in on an authentication session, and measure the timing.
Powered by blists - more mailing lists