lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 02 Sep 2014 20:33:37 -0400
From: Bill Cox <waywardgeek@...hershed.org>
To: discussions@...sword-hashing.net
Subject: A review per day - Parallela

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I remember thinking the code for Prallela was easy to read.  Here's my
notes from last spring:

- - Parallela is a tiny KISS PBKDF2-style hash
- - Doesn't use HMAC
- - Has parallel and serial time costs
- - Nice little PBKDF2 upgrade

I don't expect to be able to do a lot of the work I can do on memory
hard algorithms.  No TMTO attacks, no benchmarking different memory
sizes, running memory hash data through Dieharder, etc.  So, I'm
looking forward to an easy review :-)  I'll just check the input
hashing of parameters, see if can find any bugs, verify that I can't
bypass the serial computations, verify that it outputs at weakest
settings still pass Dieharder tests, etc.  Sounds fun.

However, if you'd like to dump on Parallela, this is a good time to do it!

Bill
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUBmHeAAoJEAcQZQdOpZUZFLMP/2XfWYnJUXil8X0+1HHxoTFx
5jh4y+PMB0R2tSH3zw65DY16Nnxn6MoPcTGrrHzyPc6Ltm1CTXjXWn7Z1KZxnwCK
NpYYhGX/Q0/Ds/z2Heu0km9D/EEeA5M/z1ap+4VHZnusyPjIP+PSFbxQhLuz7Gsu
oqUqn9URH2e56lZ2lWHJVCm1PMkVGcrEwQJFqI1/1rRPkwukgkZsWl/3iDt97DiJ
pAk4ZCmqy0/j5mK3lyWFbyDWoV82jmByiZYMOHm+e4PDMYl6DoFP5hgVvPXv5PWc
B2xVqfIVN7hZnqE2VtSqI9OFKjrgfqehOVffKYi4v7oYsKMq4WWM1SexfwUvxEvH
CRTncNUMyQmxorYx1KL5Ix/rV90Wfhfp9botU2Wj6mudlo7qzJd8tP2k3OfSIk9k
ZgtpiKXsWqtXybg9ckObrC/xD2inFzRWqstfvjLJ8doNno1WnFQ4O/7BfxEWCgEm
3lHhvML+fKscKLXnCm1SDmWxsX787xurjF02xjbTACf7wIc+ogmaOZiBi7O6OQOh
cRrmIOlAq+P6ZQmuc8XHyBV+abHi1Rs1cu1to+8L13eXTzxQWKHQTYZrTKSD4Mg0
fpDrCFO8uR0m3FWNrPlTSh3hvNVOLqvVb1KY2p5l+5bYvSHIfaJPOycoh+EIzZM1
SgHXftoq0Edq5VGOQHnN
=XfsI
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists