| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAOLP8p4CDS02vaFLa8MnvBPt5Dge6VGKh7y6r36+k6tS6diRXw@mail.gmail.com> Date: Tue, 11 Mar 2014 22:11:48 -0400 From: Bill Cox <waywardgeek@...il.com> To: discussions@...sword-hashing.net Subject: Re: [PHC] TigerPHS paper and code ready for review It goes with the song... Our house, is very very fine house, with TwoCats in the yard, life used to be so hard... Not that my two cats are encryption mongers, but do they eat TwoFish? Actually, we feed them tuna every night. Naming is definitely a bike shedding event. There just aren't enough good names to go around. I googled Xcrypt and XScrypt, which I thought could be a decent alternative for Escrypt, the X coming from eXtended. No luck... they're taken, in uncool ways to stomp on. Two Cats seems to be taken, but not TwoCats. Two Cats is a production company with the same name as a comic book store. That's about as clean as you get with names now days. My daughter thinks Kitten is probably not taken, or we could use Tiger's full (and embarrassing to Tiger) name, Tiger Flower. Bill On Tue, Mar 11, 2014 at 9:44 PM, Bill Cox <waywardgeek@...il.com> wrote: > Grr... naming is so hard. We still need to help Alexander find a name > as good or better than Escrypt that he wont get sued over. NoelPHS? > How about TwoCats? > > Bill > > On Tue, Mar 11, 2014 at 9:36 PM, Donghoon Chang <pointchang@...il.com> wrote: >> One small comment: In 1995 the name Tiger was already used as a hash >> algorithm designed by Anderson and Biham. (See the following link.) >> >> http://en.m.wikipedia.org/wiki/Tiger_(cryptography) >> >> - donghoon >> >> 2014³â 3¿ù 12ÀÏ ¼ö¿äÀÏ, Jean-Philippe Aumasson<jeanphilippe.aumasson@...il.com>´ÔÀÌ >> ÀÛ¼ºÇÑ ¸Þ½ÃÁö: >> >>> You may just call it Tiger, we'll figure out that as a PHC submission >>> it's a PHS ;-) >>> >>> Well there's already a hash function called Tiger, and there's also a >>> Tiger2, so maybe not a good idea: >>> http://en.wikipedia.org/wiki/Tiger_(cryptography) >>> >>> On Tue, Mar 11, 2014 at 9:43 PM, Bill Cox <waywardgeek@...il.com> wrote: >>>> Based on a lot of excellent feedback, I've updated TigerKDF, which I'm >>>> now calling TigerPHS, for Password Hashing Scheme rather than Key >>>> Derivation Function. The latest version of my paper is at: >>>> >>>> http://waywardgeek.net/TigerPHS.pdf >>>> >>>> Code can be viewed/cloned at: >>>> >>>> https://github.com/waywardgeek/tigerphs >>>> >>>> I've updated the benchmarks based on Alexander's feedback. >>>> >>>> After the excellent discussion on PBKDF2 and HKDF, I've switched from >>>> PBKDF2-BLAKE2S to HKDF-SHA256 for initial and final key derivation, >>>> with Blake2s still used in the memory hashing part. Every input other >>>> than stopMemCost is now hashed in the initial hkdfExtract, conforming >>>> to the author's description of how to do a "strongly secure" key >>>> derivation. >>>> >>>> I've reduce the number of "slices" from 16 to 4, as per Solar >>>> Designer's recommendation. >>>> >>>> The paper has been improved as well. >>>> >>>> Let me know what you think. >>>> >>>> Thanks, >>>> Bill >>>
Powered by blists - more mailing lists