| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <540715F1.4040709@ciphershed.org> Date: Wed, 03 Sep 2014 09:21:53 -0400 From: Bill Cox <waywardgeek@...hershed.org> To: discussions@...sword-hashing.net Subject: Re: [PHC] A review per day - Parallel -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am going to personally give Parallel a qualified "A" grade, and suggest to the judges that Parallel make it to the next round. Do we have any graphics experts here who could chime in? The competition has no other entry designed to make use of graphics accelerators for defensive purposes. Even our cell phones have graphics hardware now days. It seems crazy not to use these resources for defensive purposes. I would hate to see our only entry in this category get dropped from the competition. My only qualification is that I think SHA512 is a poor choice for hash function, as is SHA256, Blake2b, SHA3, and every other cryptographic hash. Every one of these is designed for cheap and fast implementation in an ASIC! What I would like to see for Parallel is an effort to find a graphics accelerator optimized hashing function which is hard to implement in an ASIC. I do not feel it needs to be a cryptographically strong hashing function, just something that doesn't lose entropy and which the attacker can't compute with short-cuts. It should be difficult to accelerate in an ASIC, so it probably needs to make parallel use of the cores and memory commonly available on graphics accelerators. Surely graphics experts could help us here. I bet there are some pretty awesome graphics-acceleration-hard solutions waiting to be found that will simply trash ASIC attacks. Without a graphics-card optimized hashing function option, I would have trouble recommending that Parallel deserves to be one of the PHC winners. With such a function, I hope it will be. I am willing to help with the ASIC defense analysis. If there were a graphics expert here I could work with, we might be able to help Steve out. Bill -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUBxXuAAoJEAcQZQdOpZUZlWoP/1mjEdBDROH9p/ACTKjJuLrO rj+GXw2SZZzkJZECULqaEXrilsNcatTQ48NjA6djfOB3fTsAxZn8ndFAw/VV3wyf m4+QH/nVipl5eCxj4mHiAOjL5aoYSS/+b1xMg/unD7jztcoVCK8Y2iXGvPAaypWP vXyDoWnOpSzDBuxUaAbT4thoVx5A0NkJN5tURvdOxfrjitY+Ml13cKEsucUHKE0s z7Gnutn8YuvXMajBPa6r8P9q2TuYK5ZamDcmojT49v5rl1PX3q9/swAtJRN1zHYz mzwnu2H6b6iTQZdbOsaJQs5enE+Ea+dwhKt8romWXs9qbDNSBsE9g5L+WVQCIDTB Qfq8zcH7dZoc3Se0/IJUJUPuUJC/7GFA3XOqG03oFFDL/KNm1Fbmu/gMjOXO/rYp NYAPiuRF9rkte/QJieF6a7ra/YNkosNcdGYvNJqR2R6NQHM4lkWaBldUFNS+aTbu 1Mz0H4G71bNy0NfQvB4uKBglP9qsAgUEI1RwB7SH9leFttVc+THJQ/aP1tA3tTpJ maOKTtB7yA1pRERrWO8tuLY7zd75ChiTpWLJT4O3HJIqPiOmvsymA2UFlUD3Wx43 XZ8tW+r7jW1/Z9S/4SLXV3Kzt+wF+wrvIGtctKv08ZEDNBTocML0sC72MrxBJSwn 0ja6bGPF7avfiXNfiIJe =dvmo -----END PGP SIGNATURE-----
Powered by blists - more mailing lists