| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 01 Oct 2014 13:43:21 -0300 From: Marcos Simplicio <mjunior@...c.usp.br> To: discussions@...sword-hashing.net Subject: Re: [PHC] Design Rationale and Security Analysis of PHC candidates Hi. I'm not sure whether "attacked" applies to the 'Tradeoff analysis" of Lyra2: originally there were no claims on attacks involving half of the memory usage, but only against a very low memory usage. We do have such claims in the new version to be submitted (assuming Lyra2 moves to the phase in which such tweaks are allowed), and the attack venue described does not seem to be effective in that case. Also, the "FPGA/ASIC defense" does not take into account all tweaks described in the documentation, although I agree with "attacked" if you consider only the basic design and ignores this part of the document. Anyhow, very interesting analysis! BR, Marcos Simplicio On 30-Sep-14 08:12, Dmitry Khovratovich wrote: > We have prepared a small survey of the design rationale and security > analysis of the PHC submissions. It should help the committee to evaluate > the candidates and the community to see the status and potential strengths > and weaknesses of the candidates. > > We are welcome to any feedback. We plan to add further information to the > tables, possibly in the spirit of Microsoft criteria. > > The permanent link is > > https://www.cryptolux.org/images/4/4f/PHC-overview.pdf >
Powered by blists - more mailing lists