lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 15 Apr 2015 03:16:28 +0800
From: Hongjun Wu <>
Subject: Re: [PHC] updated report of POMELO

Dear Axel,

The second part of the output of POMELO' is used as the key.

A reference code of POMELO-KDF and its test vector are attached to this
email.   The function name is PHSKDF,  the API is similar to that of PHS,
except that "key" is used to replace "out", "keylen" is used to replace

I will upload the POMELO-KDF code and the test vector to the following
webpage a few hrs later:

Best Regards,

On Tue, Apr 14, 2015 at 6:21 PM, Axel von dem Bruch <>

> Am 14.04.2015 um 09:10 schrieb Hongjun Wu:
> > Dear all,
> >
> > The POMELO report is updated.  The updated version is available at:
> >
> >
> >
> > There are several changes to the report:
> >
> > 3) Introduced POMELO-KDF to generate a key with arbitrary length in
> > Section 1.5.
> >     Simply speaking, POMELO is iterated in POMELO-KDF to generate a
> > key with arbitrary length (in case if a very long key is needed).
> >
> For me it's not quite clear, which part of Pomelo' output should be used
> for the key if the required key size is not a multiple of 128.
> Code or test vectors would be helpful even regardless of the reference
> code.
> Regards
> Axel

Content of type "text/html" skipped

View attachment "pomelo_kdf_testvectors.txt" of type "text/plain" (1267248 bytes)

View attachment "pomelo_kdf.c" of type "text/x-csrc" (10470 bytes)

Powered by blists - more mailing lists