Message-ID: <CAOLP8p5DuEJa0ERfNSoNVWosWS7TSe8P3+nzOfFLtLSH1by-pA@mail.gmail.com>
Date: Thu, 27 Feb 2014 08:45:42 -0500
From: Bill Cox <waywardgeek@...il.com>
To: discussions@...sword-hashing.net
Subject: "Predictable" vs "pseudorandom" KDFs

I need a short name for cache-timing-attack resistant KDFs which do no password dependent memory addressing. I use the phrase 20 times in my paper, and "KDFs which do no password dependent memory addressing" is a mouthful. I also use "KDFs which do password dependent addressing from the start" about 20 times, and I discuss my "hybrid" version, which like Scrypt, does the no-password-addressing thing in the first loop, and does the password-dependent thing in the second.

Could we call the first type "predictable" KDFs, since they do only predictable address lookups? The second type could be "pseudorandom" KDFs. Are these good names? I find it is hard for a group to discuss ideas that have no concise name.

Bill
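Added example, not part of the original post or of the paper it mentions: a toy two-loop memory-hard function that records which memory blocks it reads, so the three addressing styles named in the message can be compared for two different passwords. The function names, the 16-block size, the salt and the passwords are all constructed for illustration, and SHA-256 stands in for whatever mixing function a real KDF would use.

```python
import hashlib

N = 16  # number of memory blocks (toy size, constructed for illustration)

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()

def idx(data: bytes, bound: int) -> int:
    # Map hash output to a block index in [0, bound).
    return int.from_bytes(data[:8], "big") % bound

def toy_kdf(password: bytes, salt: bytes, mode: str):
    """Return (key, fill_reads, mix_reads). The read lists are the address
    trace that a cache-timing observer could learn."""
    if mode not in ("predictable", "pseudorandom", "hybrid"):
        raise ValueError(mode)
    state = h(password, salt)
    mem = [state]
    fill_reads, mix_reads = [], []
    # Loop 1: fill memory; each new block mixes in one earlier block.
    for i in range(1, N):
        if mode == "pseudorandom":
            j = idx(state, i)                          # address depends on the password
        else:
            j = idx(h(salt, i.to_bytes(4, "big")), i)  # salt and counter only
        fill_reads.append(j)
        state = h(state, mem[j])
        mem.append(state)
    # Loop 2: revisit the filled memory.
    for i in range(N):
        if mode == "predictable":
            j = idx(h(salt, (N + i).to_bytes(4, "big")), N)
        else:
            j = idx(state, N)                          # password-dependent, as in scrypt's second loop
        mix_reads.append(j)
        state = h(state, mem[j])
    return state, fill_reads, mix_reads

def leaks(mode: str, salt: bytes = b"constructed-salt"):
    """Return (fill_differs, mix_differs) for two constructed passwords.
    True means that loop's address trace changes with the password."""
    _, f1, m1 = toy_kdf(b"password-one", salt, mode)
    _, f2, m2 = toy_kdf(b"password-two", salt, mode)
    return f1 != f2, m1 != m2

if __name__ == "__main__":
    for mode in ("predictable", "pseudorandom", "hybrid"):
        print(mode, leaks(mode))
```

In the "predictable" mode the trace is a function of the salt alone, so it is identical for every password; in the other two modes the trace differs wherever the index is taken from the password-derived state.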