Date: Mon, 2 Mar 2015 09:02:33 +0100
From: Krisztián Pintér <pinterkr@...il.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] PHC status report



Solar Designer (at Monday, March 2, 2015, 7:38:49 AM):

> (I acknowledge that there are some scenarios, which
> might become more common in the future, where the lack of cache-timing
> resistance has practical security cost, too.  And I'd like to thank
> Krisztian for reminding us of these on several occasions.)

let me remind you that the topic did not receive a whole lot of
attention, and mostly met silence. if there was any discussion on the
private forum, it would be useful to hear about it. the only reaction
i can recall from the panel was Jeremi Gosney, and his rather peculiar
remark of "Password hashing is not cryptography. Timing attacks are
not a practical concern in password hashing, especially not with
salted schemes."


> Yes, Rig update was accepted and was considered along with other
> submissions after that point, but Rig already ranked poorly by that time
> and there was no policy to require panel members to reconsider their
> assessment of a candidate whenever an update was received and accepted.
> So bugs in the earlier version did affect the non-selection.

after reading this five times, i'm still unable to find any meaning
that would be acceptable.

please explain me in what framework does that make sense? catena got a
complete rewrite after a practical break. and it was still accepted.
apparently, a bugfix in an implementation was not.

this and other remarks from other panel members just make me more and
more convinced that there is no rationale behind the decision, but
only personal preference. the status report is only a patchwork to put
something on the table. if it was down to a voting, i think we should
see the results of that voting. why is it secret again?

Powered by blists - more mailing lists