lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 13 Apr 2014 10:36:52 +0400
From: Solar Designer <>
Subject: Re: [PHC] The best of the best, IMO

On Sat, Apr 12, 2014 at 08:52:59PM -0400, Bill Cox wrote:
> Blowfish inspired: either Pufferfish or Battcrypt (I have no current
> preference for one over the other)

I think these aren't exactly in the same category.

Pufferfish tries to improve upon bcrypt by deviating from Blowfish
proper as core of this bcrypt-inspired scheme.  With this, it goes
64-bit and beyond 4 KiB.

battcrypt focuses on bringing bcrypt-like GPU resistance, staying at
32-bit and 4 KiB for that, to scripting languages, etc. that provide
Blowfish (but not bcrypt) as a native code primitive.  (Implementing
bcrypt in those languages would be too inefficient, killing the anti-GPU
advantage it otherwise has over e.g. something based on SHA-512, because
bcrypt doesn't build solely on top of a full Blowfish implementation.)
battcrypt also goes beyond 4 KiB for its total memory cost, with a
separate layer (unlike Pufferfish, which has only one layer).

In other words, Pufferfish is primarily for native code implementations,
and battcrypt is primarily for scripting languages with native Blowfish.

Jeremi, Steve - are the above correct summaries?


Powered by blists - more mailing lists