lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 Jan 2014 19:54:59 +0100
From: Christian Forler <christian.forler@...-weimar.de>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Native server relief support for password hashing in browsers
On 20.01.2014 14:22, Christian Forler wrote:
> On 20.01.2014 12:40, Solar Designer wrote:
>> On Mon, Jan 20, 2014 at 11:37:40AM +0100, Christian Forler wrote:
>>> I'm not familiar with the Blakerypt's session key approach.
>>> Catena supports "Keyed Password Hashing". (see
>>> http://eprint.iacr.org/2013/525.pdf Section 4 page 8) where password
>>> hash is encrypted by the (IND-CPA) secure AES-CTR mode.
>>
>> This isn't implemented yet, is it?
>
> No, not yet. :-)
I just added the feature. :-)
(see https://github.com/cforler/catena)
Best regards,
Christian
Download attachment "signature.asc" of type "application/pgp-signature" (535 bytes)
Powered by blists - more mailing lists