lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 1 Apr 2014 21:30:06 +0200
From: Thomas Pornin <>
Subject: Re: [PHC] PHC Zoo ?

On Tue, Apr 01, 2014 at 01:38:05PM -0400, Bill Cox wrote:
> is it cool to make a hobby out of attacking all the submissions, even
> if I have an entry?

It is more than cool; it is highly recommended. The whole point of an
open cryptographic competition is to accumulate analysis, i.e. to have a
lot of people trying to break the algorithms. It is normal and expected
that submitters, in particular, will try real hard to break each other

> If so, where is the place to discuss weaknesses of various hashing
> algorithms?

I'd say that discussions on password hashing algorithms are appropriate
on a mailing-list whose address is ''.

Usually, academics discuss cryptography by gathering regularly, and,
when they cannot meet physically, exchange written information over
appropriate mediums. Historically, papyrus and then parchment were used,
but nowadays emails are preferred. When someone has a full, elegant and
non-trivial attack to demonstrate, he usually writes it down with the
traditional formalism (i.e. an 'article') and pushes it through the
various mechanisms (conferences with proceedings, and/or the IACR ePrint
archive: ); for smaller, faster remarks, and,
yes, discussions, this present mailing-list is expected to be used. In
particular during the first pruning phase, during which the list of
candidates should be reduced (24 are fine, but maybe a bit too much for
available cryptanalytic resources).

At least that's how things worked for SHA-3. I don't remember if there
was a mailing-list for the AES competition.

> I notice that poor AntCrypt is suffering from early cryptanalysis

As far as can I see, it is more a specification/implementation issue,
but maybe I don't see everything that is to be seen. E.g. I don't follow
the IRC channel (maybe I should ?).

For high-quality rational scientific debates, it is usually best if
people take time to structure their arguments and put them in due order;
so emails are a better format than chat-like interfaces. That's my

	--Thomas Pornin

Powered by blists - more mailing lists