lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 10 Nov 2014 11:49:56 +0100
From: Christian Forler <christian.forler@...-weimar.de>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Another PHC candidates "mechanical" tests

Am 10.11.2014 um 09:22 schrieb Milan Broz:
> Hi all,
> 
> I run some simple tests with almost all PHC candidates
> (plus Catena2 and RIG2 submitted here).
[...]
> Code and raw output is on github https://github.com/mbroz/PHCtest

Nice work. Good job.


>  - Catena/Catena2 implementations allows to produce hash of length >256 bytes, which is apparently wrong


The output length of Catena is limited to the output length of
underlying hash function. Hence, for Blake2b and SHA512 the max output
length is 64-byte.


BTW. The PHS function returns -1, if you call it with inlen  > 64, since
this configuration is not supported at all.


This is a reasonable restriction, since passwords are usually
low-entropy secrets.


PS.: The Catena-KDF interface (Catena_KG) supports arbitrary output lengths.


Best regards,
The Catena Design Team



Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ