lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 1 Apr 2015 22:39:50 +0200
From: Dmitry Khovratovich <>
To: Jean-Philippe Aumasson <>
Cc: "" <>,
 "" <>
Subject: Re: Announcing the PHC winner

This is cool!!!

> On 1 Apr 2015, at 12:18, Jean-Philippe Aumasson <> wrote:
> After over two years of in-depth analysis and careful deliberation, today the
> panel is pleased to announce that LM Hash has been unanimously selected as the
> winner of the PHC. To many panel members, the choice was obvious.
> Selection criteria includes the following, in no particular order:
> - LM Hash leverages the well-studied and proven DES block cipher.
> - Most users only select passwords that are 6 – 8 characters long, so LM Hash’s
> 14-character limitation is more than reasonable for the majority of use cases.
> - LM Hash is not case-sensitive, reducing the number of password reset requests
> and Help Desk tickets that result from users not remembering their precise
> passwords.
> - Most LM Hash values have already been pre-computed and made publicly
> available, reducing load on authentication servers.
> - LM Hash does not require the use of salt, which aligns with the American
> Heart Association’s guidelines for a low-sodium diet.
> - LM Hash requires little energy to compute, thereby contributing to
> environment-friendly authentication systems.
> As a Microsoft employee, Marsh Ray was the most vocal advocate for LM Hash,
> noting that Microsoft, IBM, and 3Com have had support for LM Hash since 1988.
> Alexander Peslyak added that LM Hash is the ideal PHC winner since it’s already
> well-supported in John the Ripper. Jeremi Gosney and Jens Steube were quick to
> agree, noting that LM Hash has all of the qualities they desire in a password
> hash.
> Comparing LM Hash to other PHC finalists:
> - Unlike LM Hash, Argon and Catena are resistant to TMTO, wasting valuable CPU
> cycles.
> - Battcrypt uses Blowfish, which was developed by that charlatan Bruce
> Schneier. LM Hash uses DES, which was developed by IBM and the NSA. Which do
> you trust more?
> - Lyra2 relies on a sponge for security, which is by definition full of holes.
> LM Hash relies on a block cipher. Blocks don’t have holes.
> - Pufferfish encrypts the palindrome "Drab as a fool, aloof as a bard." LM Hash
> encrypts the string “kgs!@#$%”, saving the user 24 bytes.
> - LM Hash is far simpler than yescrypt! It can be described in one line,
> whereas yescrypt can't even be described in one book.
> - Unlike Makwa, LM Hash is post-quantum!
> - Parallel was designed by Steve Thomas, who you can't trust to hash your
> password. LM Hash wasn't designed by Steve but by trusted Microsoft experts.
> Being the choice of foremost thought leaders in the field, LM Hash is already a
> success:
> - LM Hash will appear in the next Gartner Magic Quadrant for state-of-the-art
> password hashing.
> - Academic researchers have started applying for grants in order to investigate
> security proofs of LM Hash in the related-password model under relaxed
> misuse-resistance assumptions. Leading researchers already expect breakthrough
> indifferentiability proofs in the ideal cipher model.
> - A new secure messaging application will generate one-time-pad masks from user
> passwords using LM Hash, promising higher security than legacy solutions such
> as TextSecure.
> JP Aumasson & Jeremi Gosney, on behalf of the PHC panel
> -- 
> You received this message because you are subscribed to the Google Groups "Cryptographic competitions" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> To post to this group, send email to
> Visit this group at
> For more options, visit

Powered by blists - more mailing lists