lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 2 Apr 2014 13:13:49 -0400
From: Bo Zhu <>
Cc: Xinxin Fan <>, Raullen Chai <>,
        Guang Gong <>
Subject: Re: [PHC] Endian Issue in Catfish

Hi Steve,

Thanks for your interest in our design and especially the source code.

The pkhash_slow() was modified from one piece of old code, and it was using
big endian.
I was in a hurry to complete the C ref code to be submitted to the
That's the reason why it seems a little weird.

We chose little endian to be compatible with Keccak and other minor issues.
It is perfectly fine if you can implement the pkhash in little endian.


On Wed, Apr 2, 2014 at 1:06 PM, Steve Thomas <> wrote:

>   I think there is an issue with endian in Catfish. E verywhere in
> catfish() it is little
>  endian until it gets  passed into pkhash_slow() then it thinks it's big
> endian and
>  "in" is  "reverse for little-endian". Then is used as little endian.
> Although this
>  doesn't really matter since the input  is  from keccak. It just seems
> weird.

Content of type "text/html" skipped

Powered by blists - more mailing lists