lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 2 Apr 2015 08:49:33 +0300 From: Solar Designer <solar@...nwall.com> To: discussions@...sword-hashing.net Subject: Re: [PHC] OMG we have benchmarks On Thu, Apr 02, 2015 at 11:05:58AM +0800, Hongjun Wu wrote: > I agree with you that the schemes with several parameters need to list the > parameters being used. Makes sense. Right now, they're hard-coded in PHS(), but are generally not explicitly listed elsewhere. > Further, I think that it is better for the designers to fix those > parameters in the competition. This is (mostly) how it is now, due to PHS(). > Otherwise, the parameters can be tuned to > favor one type of comparison, then get tuned to favor another different > type of comparison. This may be a good thing, although it does have a drawback: potential confusion about what we're comparing. In actual usage, those extra parameters may in fact be tuned to match specific use cases better. We just need to ensure that both schemes being compared are tuned for the same use case. And indeed, it should be viewed as an advantage of a scheme if it achieves competitive results even without tuning for the use case. Alexander
Powered by blists - more mailing lists