| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGiyFdfVSZuzX3esF5q7MQkyiGOcwT+=hJHVRk43e8doirVa0Q@mail.gmail.com> Date: Tue, 27 May 2014 14:22:36 +0200 From: Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com> To: discussions@...sword-hashing.net, Михаил Масленников <mikhailmaslennikov@...dex.ru> Subject: Re: [PHC] MCS_PHS memory cost parameter on https://github.com/bsdphk/PHC/blob/master/MCS_PHS/code/mcs_psw/mcs_psw.cpp#L57 an array tmp[] of m_cost bytes is filled with predictable values, thus it doesn't need to be stored. if we look at the specs, on p3 and p4: * steps 3 initializes a large array T_0, then * steps 4 computes an iterative hash of T_0 to create a short T_1, then hashes T_1, etc. as I understand from the specs of MCS-SHA8 in http://crypto.systema.ru/mcssha/MCSSHA-8%20(eng).pdf, the function iterates over blocks of the messages, and the complete message doesn't have to be kept in memory to be efficiently hashes. On Tue, May 27, 2014 at 1:39 PM, Mikhail Maslennikov <mikhailmaslennikov@...dex.ru> wrote: > > > 27.05.2014, 13:32, "Jean-Philippe Aumasson" > <jeanphilippe.aumasson@...il.com>: > > AFAIU from the MCS_PHS specs, the memory cost parameter dCostLen is > ineffective: > https://password-hashing.net/submissions/specs/MCS_PHS-v0.pdf > > > > -- > Dear Jean and all other members of PHC. > > I prepare my answer in attachment. I can't understand what's problem. I can > make some modifications of MCS_PHS, but, please, explain me, what is your > requirements or simply wishes. > > > Best regards. > > Mikhail Maslennikov.
Powered by blists - more mailing lists