lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 2 Apr 2015 08:30:07 -0700
From: Bill Cox <>
To: "" <>
Subject: Allowing Agon2 and Catena2?

Do we want to continue benchmarking Argon2d and Argon2i?  It is useful for
reference, but we're putting work into analyzing Argon2 that should go
elsewhere if there is no chance Argon2 can be selected.  I find Argon2 to
be good work compared to Argon, and generally I don't care much for rules
when they hurt the world, so my preference is to drop Argon, and allow
Argon2 to go forward.  Is this possible?

The same goes for the new Catena version, and I'd also like to allow them
to add any H hash function they need to, including the reduced Blake2b
single-round hash.  I think the world would be better off with Argon2i and
Catena2 duking it out for the cache-timing-resistant category, and Lyra2,
Yescrypt, and Argon2d duking it out for the Scrypt upgrade category.

Anyway, some guidance here would be useful at a minimum for benchmarking
and security analysis efforts.


Content of type "text/html" skipped

Powered by blists - more mailing lists