lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 5 Sep 2014 21:16:08 -0400
From: Santiago Torres <>
Subject: Re: [PHC] A review per day - PolyPassHash

Hello Bill,

Thanks for reviewing PolyPassHash (now PolyPasswordHasher)! As you
mention, trying to fit our scheme to the competition's API definition
was a real hurdle; mainly because our algorithm needs to preserve
state that depends on previous input.

I wrote the C implementation and would appreciate if you could share
information about any issues you had making it run so I can fix them.
We are rolling out a Django implementation on servers here
(, in
case anyone is interested.

I spoke with Professor Cappos and he agrees that PolyPasswordHasher may not
fit the contest that well since it is more about password storage than
hashing.  If it makes sense, we would love to work to have the storage
scheme in PPH adopted by the eventual winner(s).

Thanks again!

On Tue, Sep 02, 2014 at 08:46:31PM -0400, Bill Cox wrote:
> Hash: SHA1
> On 09/01/2014 04:25 PM, Bill Cox wrote:
> > PolyPassHash is a very cool idea.  To authenticate any password,
> > you have to prove you know at least N correct user/password
> > combinations. Once you've done this, you can authenticate passwords
> > as they come in.
> > 
> > This falls into the "other" category.  It might be a useful
> > bolt-on for an authentication server along with a decent password
> > hashing scheme.  I am really glad the author submitted it so we
> > could all enjoy reading about the algorithm.
> > 
> > However, I feel it is far enough removed from being a password
> > hashing scheme that it doesn't belong among the eventual "winners".
> > If we can give it an honorable mention, that would be fine :-)
> > 
> > Since this is the place where I list my gripes, I will mention that
> > I had to do a lot more debugging work to get PolyPassHash working
> > than the others.  However, it's no big deal.
> > 
> > I think that's all I really have to say about PolyPassHash, other
> > than to thank the author for the cool paper.  Thanks!
> > 
> > Bill
> > 
> Just in case anyone was thinking I passed on the review of
> PolyPassHash because I thought reviewing it would be distasteful or
> anything, that's not it at all.  I just don't know how exactly to
> evaluate it.  It's too different.  For example, it likes to return the
> same hash regardless of password, IIRC, but it's not a bug!  Something
> about initializing the database of password hashes... I forget, and I
> would like to keep it that way!  I consider it one of these
> proof-of-concept things, rather than production ready code that needs
> big geeks to tear it apart looking for bugs and weaknesses.  However,
> if they get to the point of where they need big geeks to tear apart
> their code, I'll be glad to help :-)
> Bill
> Version: GnuPG v1
> 4DLBtDSBnZo+sVWKYRNxfgMUKDknSobfFF7hh2sdbpFPKEKk6FGKC/Vn6is0mNC8
> yQ+3u+enQz3z5m89yde41Minlh7yaHdI48k94v77cnE/X1eIL7mM2eiJGtru4YxH
> E6/bTJohcMXQPWUSuAHzFZHdsxYPjJ8lSZsA/Dt2LfQR+/V9qcYlD325ZYSWY/b/
> zGRDYeKFuwBWHZZ+Rjg5/CjaB8sh5Ys0h+JIrRXKmGHvpTO0YPk+tfjAPlQYwk4v
> WXOIwbFt8IJQCmVhpSHlyfQoGy0lnI4qY7dbXqfYJU9MlWrrDyZ7mWUWIBW8V65U
> qZ0MWd6TjAaISvWzPzq1EO699Y6ykOwDU3xbZSKbYI89O+CHL4YrBErHwnDIHD5b
> 4bYSOSysP7hsoPb22Xg9uslz4LyaATwGpCV/OE0OjWEG6BFHfNlNz0DmFY8B18+7
> oqtszvY1LMlufMxJr9H1ZvJqmez21LS0oCn4z4qugyurVdJQAr/CQkLwjK5kSsV2
> ESiusOocgEPFy27yrIyZ6FxNmr518HaFJZ514lwQoyUtIk9SRkZNojNgeW/KFfan
> wFHE/0Opzcy56+EQhm8lyKPOQCPW+vfnOTMBYKGyOpmHFZjpEtNbjZd6iomdf16Q
> =f/E3

Powered by blists - more mailing lists