[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK9dnSyjQup4Dv9AnOxzWffFE1fgGfJc3-yQ7aj=y31KcJWZMg@mail.gmail.com>
Date: Tue, 10 Dec 2013 19:18:45 +0100
From: CodesInChaos <codesinchaos@...il.com>
To: Poul-Henning Kamp <phk@....freebsd.dk>
Cc: discussions@...sword-hashing.net
Subject: Re: [PHC] IETF draft
That form of pre-computation seems like an extremely exotic threat.
For that to be relevant, and attacker would have to first compromise
the db, then precompute (separately for each user!), and then later on
obtain the key. Only effect of pre-computation is that the attacker
can compute hashes between the compromise of the db and compromise of
the key. I think it's unlikely that this would happen in practice.
Powered by blists - more mailing lists