Message-ID: <CAOLP8p4p7EH=e8bo=ENvrEv76Yzi_5a5PFn4a3qxCfcQ-EyMCw@mail.gmail.com>
Date: Mon, 7 Apr 2014 05:47:36 -0400
From: Bill Cox <waywardgeek@...il.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Re: Mechanical tests
On Mon, Apr 7, 2014 at 2:58 AM, Christian Forler
<christian.forler@...-weimar.de> wrote:
> On 05.04.2014 17:53, Poul-Henning Kamp wrote:
> [...]
>>
>> I'm not defending POMELO in any way, I haven't even looked at it yet.
>>
>> I'm just pointing out that while dieharder is a damn good tool for
>> what it is designed for, it is not designed for what we're trying
>> to do here.
>
>
> A common use-case for password hashing schemes is password based key
> derivation. Cryptographers assume keys to be random. This
> assumption is crucial for the security of almost all cryptographic
> schemes. Therefore, (for an adversary) the output of a good password
> hashing scheme should be indistinguishable from random. Hence, dieharder
> is IMHO a valid sanity check tool.
>
>
> Best regards,
> Christian

In that case, you might be happy to know that Catena passed :-)

Bill