lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 02 Sep 2014 20:33:37 -0400 From: Bill Cox <waywardgeek@...hershed.org> To: discussions@...sword-hashing.net Subject: A review per day - Parallela -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I remember thinking the code for Prallela was easy to read. Here's my notes from last spring: - - Parallela is a tiny KISS PBKDF2-style hash - - Doesn't use HMAC - - Has parallel and serial time costs - - Nice little PBKDF2 upgrade I don't expect to be able to do a lot of the work I can do on memory hard algorithms. No TMTO attacks, no benchmarking different memory sizes, running memory hash data through Dieharder, etc. So, I'm looking forward to an easy review :-) I'll just check the input hashing of parameters, see if can find any bugs, verify that I can't bypass the serial computations, verify that it outputs at weakest settings still pass Dieharder tests, etc. Sounds fun. However, if you'd like to dump on Parallela, this is a good time to do it! Bill -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUBmHeAAoJEAcQZQdOpZUZFLMP/2XfWYnJUXil8X0+1HHxoTFx 5jh4y+PMB0R2tSH3zw65DY16Nnxn6MoPcTGrrHzyPc6Ltm1CTXjXWn7Z1KZxnwCK NpYYhGX/Q0/Ds/z2Heu0km9D/EEeA5M/z1ap+4VHZnusyPjIP+PSFbxQhLuz7Gsu oqUqn9URH2e56lZ2lWHJVCm1PMkVGcrEwQJFqI1/1rRPkwukgkZsWl/3iDt97DiJ pAk4ZCmqy0/j5mK3lyWFbyDWoV82jmByiZYMOHm+e4PDMYl6DoFP5hgVvPXv5PWc B2xVqfIVN7hZnqE2VtSqI9OFKjrgfqehOVffKYi4v7oYsKMq4WWM1SexfwUvxEvH CRTncNUMyQmxorYx1KL5Ix/rV90Wfhfp9botU2Wj6mudlo7qzJd8tP2k3OfSIk9k ZgtpiKXsWqtXybg9ckObrC/xD2inFzRWqstfvjLJ8doNno1WnFQ4O/7BfxEWCgEm 3lHhvML+fKscKLXnCm1SDmWxsX787xurjF02xjbTACf7wIc+ogmaOZiBi7O6OQOh cRrmIOlAq+P6ZQmuc8XHyBV+abHi1Rs1cu1to+8L13eXTzxQWKHQTYZrTKSD4Mg0 fpDrCFO8uR0m3FWNrPlTSh3hvNVOLqvVb1KY2p5l+5bYvSHIfaJPOycoh+EIzZM1 SgHXftoq0Edq5VGOQHnN =XfsI -----END PGP SIGNATURE-----
Powered by blists - more mailing lists