Date: Sun, 19 Jan 2014 17:37:58 -0600 (CST)
From: Steve Thomas <steve@...tu.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] my pre (if) submit proposal

> On January 19, 2014 at 11:01 AM Krisztián Pintér <pinterkr@...il.com> wrote:
>
> doc:
>
> https://docs.google.com/document/d/18R-qEAmL9WWh5zhGeBlvI7C6ikBAz6TF7MEtfPJK7m0
>
> figure:
>
> https://docs.google.com/drawings/d/1lr7P82bAVyl013Nc5kv9ju_w2Uw1DzbOtgF06k5Igwc

This is broken:
* Mem is only read once. So once read you can discard it.

* In the paper you state f=-1 is a perfect choice. Except from i=0 to t/2-1 you
are just reading zeros. So you don't even need the second half of Mem.

* With (C * (t/2) ** (1/2)) RAM it will take 2 times longer. C is the size of
the context of your sponge function. In general this is (C * size ** (1/N)) RAM
and N times more computations. Max N is ln(size). I keep hearing about "parallel
cores"; I believe it's the same thing or at least similar.
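
The square-root case of the time-memory trade-off in the third point above, as an added toy example that is not part of the original post or of the proposal under discussion: it evaluates the same tag once with all blocks stored and once with only about sqrt(n) checkpoints plus one segment buffer, counting calls and peak storage. Assumptions: SHA-256 stands in for the sponge function, memory is filled sequentially and each block is read exactly once in reverse order, and all function names are hypothetical.

```python
import hashlib
import math

def step(state: bytes) -> bytes:
    # One sequential update; SHA-256 stands in for the sponge (assumption).
    return hashlib.sha256(state).digest()

def full_memory(seed: bytes, n: int):
    # Store all n blocks, then read each exactly once, last block first.
    mem, s = [], seed
    for _ in range(n):
        s = step(s)
        mem.append(s)
    acc = hashlib.sha256()
    for block in reversed(mem):
        acc.update(block)
    return acc.hexdigest(), n, n  # (tag, step() calls, peak blocks held)

def checkpointed(seed: bytes, n: int):
    # Keep only every k-th state (k ~ sqrt(n)); rebuild one segment at a time.
    k = math.isqrt(n - 1) + 1  # ceil(sqrt(n)) for n >= 1
    checkpoints, s, calls = [], seed, 0
    for i in range(n):
        if i % k == 0:
            checkpoints.append(s)  # state just before block i
        s = step(s)
        calls += 1
    acc = hashlib.sha256()
    for c in reversed(range(len(checkpoints))):
        s, segment = checkpoints[c], []
        for _ in range(min(k, n - c * k)):
            s = step(s)
            calls += 1
            segment.append(s)
        for block in reversed(segment):  # read once, then discard
            acc.update(block)
    return acc.hexdigest(), calls, len(checkpoints) + k

if __name__ == "__main__":
    n = 1024  # constructed size, not a parameter from the proposal
    print(full_memory(b"constructed seed", n))
    print(checkpointed(b"constructed seed", n))
```
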