lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 24 Mar 2015 23:50:44 +0100
From: Milan Broz <gmazyland@...il.com>
To: discussions@...sword-hashing.net
Subject: Re: Another PHC candidates "mechanical" tests (ROUND2)

On 11/10/2014 09:22 AM, Milan Broz wrote:
> Hi all,
> 
> I run some simple tests with almost all PHC candidates
> (plus Catena2 and RIG2 submitted here).
> 
> Maybe it could be useful, it is in fact it is kind of an independent extension
> what Bill Cox sent here for reviews.
> 
> The long description with pictures here
>   http://htmlpreview.github.io/?https://github.com/mbroz/PHCtest/blob/master/output/index.html
> 
> Code and raw output is on github https://github.com/mbroz/PHCtest


I promised to update libraries to contain new candidates and repeated/added some tests...

The updated test report (draft) is here

  https://github.com/mbroz/PHCtest/blob/master/output/phc_round2.pdf

The runtime measurement of used memory should be probably compared with limits just
posted here by Steve (but is it seems to fit quite well).

Anyway, in short:

- added separate tests for optimized variants (Argon-AESNI, Lyra2-SSE, POMELO-SSE, yescrypt-SSE)

- updated to tweaked versions, added "new" algorithms (Argon2*, Catena*fly)

- no problems with Dieharder run

- a lot of illustrative graphs produced

- battcrypt, MAKWA, Parallel and yescrypt produces the same output on big-endian system.
  All other candidates are broken there (probably quite easy fixes possible).

- Some candidates need code fixes to be usable in Linux (and with gcc compiler in general).
  (Argon/Argon2i is the most problematic. See section 1.3 in document and separate patches in git.)

- I added some test case for my intended use (KDF for LUKS) for few functions.

Please let me know if it is useful (and correct me if something is wrong there or should
be added).
(It was intended as appendix in some work about KDF replacement but it can extend
existing tests as well or so ...)

Thanks,
Milan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ