lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140323143709.GA28940@openwall.com>
Date: Sun, 23 Mar 2014 18:37:09 +0400
From: Solar Designer <solar@...nwall.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Can I have two entries?

On Sun, Mar 23, 2014 at 07:24:25AM -0700, Jeremi Gosney wrote:
> On 3/23/2014 7:13 AM, Solar Designer wrote:
> > escrypt is just not ready for PHC yet given the full set of
> > requirements I currently have for it (are post-submission let's say
> > "major tweaks" OK?)
> 
> I believe we had previously discussed and agreed upon a period after the
> initial review where submissions could be tweaked. I see no reason why
> major tweaks within reason would be a problem. If your major tweaks
> result in a dramatically different algorithm, then I think that would be
> a problem :) But reasonable and organic enhancements should be fine as
> long as the overall shape of the algorithm does not change.

Yes, that's my understanding too, but it remains undefined how
significant those "reasonable and organic enhancements" can be.

In the case of escrypt, it might be that its underlying structure would
stay mostly the same, but the feature set might double.  I've been
postponing work on all those bells and whistles like hash upgrades
(despite of having suggested hash upgrades myself), focusing on
escrypt's core first.  So now I have to choose between finalizing and
properly documenting only the core (hopefully a complete submission but
with only a subset of intended functionality) vs. adding the bells and
whistles (but then the core will need tweaks later, and the
documentation will be incomplete) vs. continuing the work at its natural
pace and not submitting to PHC.

Alexander

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ