lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 20 Jan 2014 19:54:59 +0100
From: Christian Forler <christian.forler@...-weimar.de>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Native server relief support for password hashing in browsers

On 20.01.2014 14:22, Christian Forler wrote:
> On 20.01.2014 12:40, Solar Designer wrote:
>> On Mon, Jan 20, 2014 at 11:37:40AM +0100, Christian Forler wrote:
>>> I'm not familiar with the Blakerypt's session key approach.
>>> Catena supports "Keyed Password Hashing". (see
>>> http://eprint.iacr.org/2013/525.pdf Section 4 page 8) where password
>>> hash is encrypted by the (IND-CPA) secure AES-CTR mode.
>>
>> This isn't implemented yet, is it?
> 
> No, not yet. :-)


I just added the feature. :-)
(see https://github.com/cforler/catena)


Best regards,
Christian


Download attachment "signature.asc" of type "application/pgp-signature" (535 bytes)

Powered by blists - more mailing lists