lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <540C4216.1070009@ciphershed.org>
Date: Sun, 07 Sep 2014 07:31:34 -0400
From: Bill Cox <waywardgeek@...hershed.org>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] A review per day - skipping Makwa

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/05/2014 04:10 PM, Bill Cox wrote:
> - Page 18, step 2, is that really x^2?  It makes sense to me if
> it's just x.

I reread it, and duh... It makes sense now.  The hash ix x^(2^(w+1)),
not x^(w^2).  I'm sure this is simply to protect the password derived
key x in case someone solves the knapsack problem

What happens in the future if Makwa is broken?  Application of a pre
or post cryptographic hash function would provide some protection,
though not much.

Having a pre-hash enables longer passwords, and provides some
protection in case Makwa is broken.  A post hash provides shorter hash
tags, but defeats work-increase.  Catena style garlic can still be
used for off-line increase, but when using delegation, it
unfortunately requires delegation for each level of work increase to
authenticate a user.  However, a new hash tag at a new work factor
could be recorded the first time a user logs in, so that's not too bad.

I think I prefer the Catena-style work increase, and work factor w
values that are powers of 2 only.  This enables short hash tags which
I think will be more popular.

Bill
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUDEISAAoJEAcQZQdOpZUZEvcQAJfK0lgdM8OdD+ZvRSl1KKnc
me87ONchbNNbuyM2iEI+r7jaMD41JFZ3kSFWlUROLRoq5RvzlFBGZTb5P4ZJXJNw
xCjCSALecBo2im9W7PenUPlr8O0VzUxsksd0nP8J26iTKhfoDpm1Sbh9DmcQWeUg
+5eijRc0kkUFPOXdG8v2fa/XTXZV+reAmqDzfb20sSzqdNypkwYfyD2OyoLtLoar
i2IfrLEzZcufgyOAPUhQBWPVr0xXqHUVVaxtPnWSWN53TfU4SiPzdde8PeimhrXU
crhqGHreBZSVQLqUj66cIVr33Kx6ICw2G8N3F99Y7xuoOuf5lnyQODb3zE3xhCkV
whultMG2XyzHfh3x9qHkjGxxJ5w1Q9/aavpLbZmjtbGQYuNrLYKtSzuQC9D71nXt
z/aavBZ+HRP8fqSKfrz41gfhcR9DgF3Sg8n0TGidXQae/fmM+zim18KJKXqBJTwF
uGxvMcVX7GCUj40dukG0vTMxhTtcDJSHKdCj8RzChS2xlqaJtvLRYCSj1xztK2gf
lmpiobrtGjdGE4BriWuNhg7MhHZaRUS3z09QkJg4x53t017G2wZxD0blvLsWmFYS
Qzsv8tQTuKqTgK0rFL2+jvdRa5Wo+k4+9j3g4lRk0q57Upn9f8mvpiOJ46XXYxCd
aHr1JP4rtGS6mBYKvmuS
=+McR
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ