lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 19 Jan 2014 13:03:22 -0500
From: Bill Cox <waywardgeek@...il.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Native server relief support for password hashing in browsers

On Sun, Jan 19, 2014 at 12:21 PM, Krisztián Pintér <pinterkr@...il.com> wrote:
> by the same token, considering cold boot attacks or DMA attacks, with
> memory hard pbkdf-s, we are moving into the exact opposite direction
> than the trend. in all other areas, we try to put crypto in the CPU.
> with memory intensive functions, we hugely exacerbate the problem
> instead.
>
> it is getting to be my pet peeve, but i think we badly need some
> randomized blinding.

This is one reason I like Blakerypt's session key idea.  Simply
hashing it with the password to create an intermediate derived key,
and then clearing the password, minimizes the attack surface against
the password, if I'm using your terminology correctly.  Is this the
kind of randomized blinding you're thinking of?  If so, I have to say
I agree with you.  I don't know of any other way to do it.  Is this
standard stuff?  Just because it's new to me doesn't mean it's new.

Bill

Powered by blists - more mailing lists