lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 14 Apr 2014 21:36:38 +0200
From: Thomas Pornin <>
Subject: Re: [PHC] gambit wiki strength

On Mon, Apr 14, 2014 at 03:09:19PM -0400, Bill Cox wrote:
> Makwa has "offline workfactor increase" and references the Catena paper.
>  Not a clear indication that the idea was from Catena, but the fact that
> this feature was included may vs be Catena inspired.

I also reference PBKDF2, Scrypt and SRP; it does not mean that I reused
any specific feature of these algorithms or even "took inspiration". In
a loose sense, I took inspiration from the entire Universe, since my
thought process are the product of my social environment (that's what
Leibniz would have claimed). In a strict sense, Makwa is based on the
"timed commitments" from Boneh and Naor (not at all a password hashing
function, but I saw Boneh explaining his findings at that time, and the
idea stuck in my mind as "a way to make computations slow"); and
HMAC-DRBG is imported from NIST (I had used the same KDF for the
definition of Deterministic DSA -- RFC 6979 -- and it had served me
well, so I just used it again).

The offline workfactor increase, as defined in Makwa, comes straight
from the "call for submissions", which lists it as a desirable

  Ability to transform an existing hash to a different cost setting
  without knowledge of the password.

I designed this part of Makwa quite early, back in April 2013 (though I
wrote the code and specification only in January 2014). I was not aware
of the existence of Catena at that time.

Anyway, I think that if you want to be useful and feel like you could
write entries into the Wiki, then by all means go for it. Especially if
you want to fill out empty entries. A Wiki works on the assumption that
most writers are honest and well-meaning, and that some surveillance
(e.g. by the PHC Panel people) is sufficient to maintain order. If other
people are not happy with your edits, then they can fix them in any way
as they see fit. It _may_ be that this degenerates into local edit wars,
which would then warrant some mighty smiting from the Panel, but I am an
Optimist and I believe that we should give cooperation a chance.

	--Thomas Pornin

Powered by blists - more mailing lists