| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140119223951.GA23236@openwall.com> Date: Mon, 20 Jan 2014 02:39:51 +0400 From: Solar Designer <solar@...nwall.com> To: discussions@...sword-hashing.net Subject: Re: [PHC] Native server relief support for password hashing in browsers On Mon, Jan 20, 2014 at 02:28:20AM +0400, Solar Designer wrote: > That said, this may well be beyond scope of PHC (unless something > unexpectedly clever yet simple emerges), and Catena's builtin "server > relief" is only the tip of the iceberg. It is very nice that Catena > standardizes just one hash type for both server-only and client+server > uses (without that functionality built in, it'd end up being 2+ hash > type variations), but it doesn't address the more complicated issues. BTW, if I understood Catena's server relief design correctly, it looks compatible with RFC 5802 (SCRAM), which I happened to have described in my own words here (before I learned of the RFC): http://openwall.info/wiki/people/solar/algorithms/challenge-response-authentication#Stored-on-the-server For this algorithm to work, the server only needs H(Hs(password, salt)). This is very nice if so, meaning that exact same standardized hash type may be used for storage on the server both for SCRAM and for plaintext logins (possibly over a secure tunnel). Alexander
Powered by blists - more mailing lists