| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Apr 2014 20:29:02 +0200
From: Dmitry Khovratovich <khovratovich@...il.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: Re: [PHC] more woes, last woes
Hi Krisztian,
The main strength of Argon is the penalty it imposes on any memory-saving
attacker. If you afford only half of memory, the time complexity grows at
least 90-fold. We hope that the new text on wiki clarifies that.
We removed all vague statements, as 'simple' is indeed to subjective.
Best regards,
Dmitry
On Tue, Apr 15, 2014 at 6:28 PM, Krisztián Pintér <pinterkr@...il.com>wrote:
>
> okay, maybe i'm too bitchy, so this is the last time i'm not going to
> complain about this, and then i let people in charge to deal with such
> things.
>
> here are argon strengths as of now:
>
> > Tradeoff-resilient (50-70 computational penalty for using 1/2 of
> > memory)
>
> what does that mean? 50-70 what?
>
> > Simple architecture
>
> simple compared to what? certainly not simple compared to pbkdf2, or
> compared to catena.
>
> > Fast with AES-NI (five-round AES)
>
> what does that mean? why do we care how fast it is if we plan to run
> it for 100ms anyway? what is "with" here? aes-ni is a prerequisite of
> fastness? or cause? what is the point?
>
> if the strengths section will continue to contain such vague and adhoc
> claims, its usability will not be very high.
>
>
--
Best regards,
Dmitry Khovratovich
Content of type "text/html" skipped
Powered by blists - more mailing lists