lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHOTMVLcKC5Wg8L++rySBtpFsP9On7o2WvTco+C-3WGOjymSzg@mail.gmail.com>
Date: Mon, 23 Mar 2015 20:15:44 -0700
From: Tony Arcieri <bascule@...il.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: Re: [PHC] PHC: survey and benchmarks
On Mon, Mar 23, 2015 at 7:33 PM, Steve Thomas <steve@...tu.com> wrote:
> Yeah I saw that too it kind of invalidates most of their findings. Since
> we know
> they didn't pick the parameters correctly.
>
FWIW Frank Denis tried to "normalize" these parameters in the libsodium
wrapper to scrypt:
https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_pwhash/scryptsalsa208sha256/pwhash_scryptsalsa208sha256.c#L18
I think this is an interesting idea and food for thought for the PHC
function signature.
--
Tony Arcieri
Content of type "text/html" skipped
Powered by blists - more mailing lists