lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Apr 2014 20:29:02 +0200
From: Dmitry Khovratovich <>
To: "" <>
Subject: Re: [PHC] more woes, last woes

Hi Krisztian,

The main strength of Argon is the penalty it imposes on any memory-saving
attacker. If you afford only half of memory, the time complexity grows at
least 90-fold.  We hope that the new text on wiki clarifies that.

We removed all vague statements, as 'simple' is indeed to subjective.

Best regards,

On Tue, Apr 15, 2014 at 6:28 PM, Krisztián Pintér <>wrote:

> okay, maybe i'm too bitchy, so this is the last time i'm not going to
> complain about this, and then i let people in charge to deal with such
> things.
> here are argon strengths as of now:
> > Tradeoff-resilient (50-70 computational penalty for using 1/2 of
> > memory)
> what does that mean? 50-70 what?
> > Simple architecture
> simple compared to what? certainly not simple compared to pbkdf2, or
> compared to catena.
> > Fast with AES-NI (five-round AES)
> what does that mean? why do we care how fast it is if we plan to run
> it for 100ms anyway? what is "with" here? aes-ni is a prerequisite of
> fastness? or cause? what is the point?
> if the strengths section will continue to contain such vague and adhoc
> claims, its usability will not be very high.

Best regards,
Dmitry Khovratovich

Content of type "text/html" skipped

Powered by blists - more mailing lists