lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 02 Sep 2014 06:49:51 +0000
From: "Poul-Henning Kamp" <phk@....freebsd.dk>
To: discussions@...sword-hashing.net, Rade Vuckovac <rade.vuckovac@...il.com>
Subject: Re: [PHC] A review per day - Schvrch

--------
In message <CAG+Gt9ZwKnCamXQEPP2iFSmN1HO6nBC8wqdg8QHQsS_o6BxLkQ@...l.gmail.com>
, Rade Vuckovac writes:

I think Bill missed the point about Schvrch *big* time.

Cryptography is at its foundation about finding ways to mix up bits,
to make them unrecognizable without loosing their entropy.

Once you dive into it, the actual palette of tools at our disposal
is much smaller than most people realize, and many of those tools
are even specific variants of more general tools from the same
palette.

Schvrch adds an entirely new tool to the palette -- no mean feat.

I have no idea how Bill could overlook this, but my guess is that
the compactness of what was proposed and the lack of orthodox
encryption primitives deceived him into not paying proper attention.

He should.

Schvrch was one of the submissions which made PHC worth the effort for me.

Schvrch's mathematical pedigree lists both Von Neumann[1] and
Wolfram, both were fascinated and frustrated by the seemingly
unlimited complexity arising out of trivially simple rules.

That of course is no guarantee of cryptographic utility.  Only time
and analysis will tell if Schvrch's new tool is any good.

But Bills dismissal of mathematics which frustrated both Von Neumann
and Wolfram as "just XORs states together" and concluding that "not
much effort went into it" is not even wrong.

Poul-Henning

[1] The paper inexplicably fails to credit him.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@...eBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ