| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140414205510.GA30918@openwall.com> Date: Tue, 15 Apr 2014 00:55:10 +0400 From: Solar Designer <solar@...nwall.com> To: discussions@...sword-hashing.net Subject: yescrypt to gain Catena features (Re: [PHC] gambit wiki strength) On Mon, Apr 14, 2014 at 03:09:19PM -0400, Bill Cox wrote: > Yescript: The is surprisingly little in the Yescript code that seems > inspired by Catena. I think Alexander is a fan of client-independent > update, but I don't see support for it in the code. Perhaps Solar Designer > feels worse about using other people's good ideas than me. He does have > server-relief, but it's an extended version meant to be nearly compatible > with SCRAM. I can add cost upgrades (client-independent updates in Catena terms) without breaking compatibility with yescrypt's current hashes. I intend to add this maybe in the tweaks period. I also intend to add cache-timing resistant mode(s). The reason these things aren't in there yet is that I focused on core functionality first, whereas I view these as nice extras. I simply didn't have time for these extras without impacting my work on the core. I also feel that yescrypt is complicated as it is, so having even more functionality in there might be counter-productive for initial reviews. I have no problem using other people's good ideas, with due credit and as long as the ideas aren't patented - e.g., yescrypt builds upon scrypt, and a future version will likely optionally use Catena's bit reversal. Alexander
Powered by blists - more mailing lists