| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 02 Sep 2014 20:22:52 -0400 From: Bill Cox <waywardgeek@...hershed.org> To: discussions@...sword-hashing.net Subject: A review per day - you can opt out -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I think it is hard for me to deal with real people in any sort of understanding way about their code in a review of candidates. I would prefer not to deal with entries where I might easily offend the author, given that I tend to be more offensive than most people. So, please feel free to send me a note publicly or privately if you would prefer that I not review the code in your submission, either with a reason or without one. I wont even state why I'm skipping an entry. In case your code is not meant to be a solid framework for a production ready password hashing scheme, that is a good excuse. If your entry is more of a proof of concept, that is a good excuse. If you feel your paper and concept are solid, but the code is not yet ready for prime-time, that is a good excuse. I'm really just poking at the code, and mostly looking for security flaws, though I'm trying to also say what I like about each scheme. However, if you consider your code ready and up to the challenge of a big dork like me attacking it, I look forward to the review! I need practice finding weaknesses in code anyway, since I've signed up for the Security Team at CipherShed, to help insure their code is back-door free. Bill -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUBl9ZAAoJEAcQZQdOpZUZAHQQAKVwgL/bQqHu6L5ZDesoE9W4 /0Oc87slWZHtyDbNwXjP2mqIk8k6EYW1lzd4iGcITynTAdB0EbgcGD0TXtEIxFwp ibspzmFtiJDFJuigcrsu+dxFkGJrdUhsBS3p6E9lDoLAKe85xMBGRIRFWd9lGXkZ 9FjZdQ4KidErDXB0UHlp/MA1BxDtsiBgA70tyficf/c4KY00P4nx2qPbbb0yDkdc KRGr9w8atFgfzpN50U9F5dDf7T/S+nHBeQhZGHXRSoKOpi+JApr9X1+vFvzyENrs pAYdErTqQjAlsMLGevbhmKZ72G0+ZkjuLpu7OK38VrGjeJCVIBkGWQA2ohPzP4LB 2XggWnna2VWY2rYURObLOIkg6cAnrF5ySAXKz/F32eHZtK1BCKxC1yoCAK2FKClB JlKwGoZ1acSmq/uf9tIpECX8jmB7dca4URXfiytYO+NyeVys4nzDJNr+6Hp7+rQL ZnM6GM9p0uoEjy44oHoi4e5xxmQwvci8QblN6knrRqNdJLfnpVxWedoyHiCWgXtA NVRx+ONoIoqx1w++fJZ9MpaYCBZezw9rTPS8E6wTvZc3NI2JtX6LItuybjPWbwQW IZsoQe77Nzb3CYJdwCUQqeRqr3YLFfGDKfcu/jak2FoPeNzZtanMeNv8ZHh0d/8w BG3O/Qlxqs4Zp31CGeAN =i6zB -----END PGP SIGNATURE-----
Powered by blists - more mailing lists