lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 30 Mar 2015 15:47:13 +0200
From: Krisztián Pintér <>
To: "" <>
Subject: Re: [PHC] Another PHC candidates "mechanical" tests (ROUND2)

On Mon, Mar 30, 2015 at 3:05 PM, Solar Designer <> wrote:

> For practical purposes, the point is moot, and there's an easy fix of
> e.g. passing the KDF output through SHA-256 or -512 if you're doing

it is doable, but you need to know more about the output. namely how
much bits you need if you want for example 128 bit security. in the
pomelo paper, i found no claims about the security levels at all. also
i find the claims about preimage and collision resistances very brief,
and thus impossible to check or argue with.

do we have more information somewhere on pomelo basic security?

Powered by blists - more mailing lists