lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 12 Feb 2015 02:35:00 +0000
From: Samuel Neves <>
Subject: Re: [PHC] PHC status report

On 11-02-2015 21:24, Donghoon Chang wrote:
> In other words, NIST's report is like this.
> "We could not choose X algorithm though X has many good features with
> plentiful paragraphs."
> But, I found that this kind of effort in the PHC is missing. Instead of
> saying encouraging words or describing good points of each algorithm, the
> report says like this,
> "We could not choose X algorithm because X has some negative aspects with
> very few words."

That is indeed how the later stage SHA-3 reports are done. However, I went back and looked at the SHA-3 Round 1 report
[1], which would be the rough analogous to the phase we are in right now. There is no comment on the 37 rejected
candidates beyond some initial generalities about criteria (which, as you pointed out, were mainly security and
performance). I am quite confident each of these rejections are fully justified, but the report is definitely not where
one will find them. Similarly, Phase 1 of the eSTREAM competition yielded no formal report at all (that I can find; I
only found [2]), simply a selection.


Best regards,
Samuel Neves

Powered by blists - more mailing lists