lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 5 Jan 2014 06:19:19 +0400
From: Solar Designer <>
Subject: Re: [PHC] Proposed timeline changes

On Sat, Jan 04, 2014 at 07:10:10PM -0500, Daniel Franke wrote:
> 3. We're learning a lot from each other as we go along, which is not
> surprising, considering how little attention the topic of password hashing
> has gotten prior to this competition. (In contrast, when the AES and SHA-3
> competitions began, their respective fields were much more mature). I think
> that soon after submissions are posted, somebody is going to come up with a
> synthesis of our ideas that improves on all of them.

I don't know if you saw this exchange on crypt-dev or not, but it is
closely related:

Date: Tue, 31 Dec 2013 15:38:04 +0100
From: Christian Forler <>

On 27.12.2013 00:27, Solar Designer wrote:
> On Tue, Dec 24, 2013 at 11:52:46AM +0100, Christian Forler wrote:
>> We are eager to see all the other designs. We hope that there are tons
>> of cool ideas.
> Yeah.  I am even wondering if we maybe should propose a change to PHC
> timeline, introducing an extra round of submissions so that there's a
> chance for all to reuse ideas from others' submissions (with due
> credit).  "Tweaks" are going to be allowed, but in some cases this could
> be more than mere tweaks.

Yes you should propose to introduce a extra round to the PHC since the
timeline is quite tight. Besides,  I really do like the idea of an
additional round.

Best regards,

So, yes, at least escrypt and Catena teams would like a chance to submit
revised and/or different versions (beyond mere "tweaks"), where
influence by other submissions (which we can't possibly see all of
before the round 1 submission deadline, whatever it is) might play a
major role.  For example, I might like some aspects of new Catena so
much that I'd want them in a major revision of escrypt (beyond tweaks),
yet not like the new Catena as much as to choose it over escrypt almost
as-is (with mere tweaks to Catena).

Whether this should be an extra round or a replacement for the
"selection of finalists" as Daniel proposes, I am not sure.  However, I
see some value in having a period after the last round of submissions
where tweaks are still allowed.

The current "provisional timeline (subject to change)" (wording from the
website) is:

2013 Q1 call for submissions published on the website of the competition
2014 Jan 31 submission deadline
2014 Q3 selection of finalists ("tweaks" will then be permitted)
2015 Q2 selection of one or more password hashing schemes

Daniel's suggested revision:

> 2014 Mar 31: 1st round submissions due
> 2015 Q1: 2nd round submissions due
> 2015 Q4: winners selected

Maybe it should be like:

2014 Jan 31: Call for submissions initial response is due (must provide
the name of at least one author and at least a provisional name of the
password hashing scheme to be submitted; no other info is required yet)
2014 Mar 31: 1st round submissions due
2015 Q1: 2nd round submissions due (must have at least one author in
common with a 1st round submission; minor tweaks are still permitted
after this time)
2015 Q3 (exact date to be announced): freeze: further tweaks are no
longer permitted (exceptions may be granted by the panel in case an
easily fixable issue is found)
2015 Q4: selection of one or more password hashing schemes

Too complicated?  Too limiting?  If something like this is accepted,
should the comments in braces be moved to footnotes or elsewhere, not to
clutter the timeline?


Powered by blists - more mailing lists