lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 14 Apr 2015 13:08:37 +0200
From: Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Competition process

Earlier in January the panel agreed that Argon2 was too major a change
to be accepted as a "tweak". Actually the designers presented Argon2
as a separate algorithm rather than just a tweak of Argon1. It was
deemed that Lyra2's tweak was acceptable, OTOH.

I'm not saying that it's "fair" or that it's the best way to go,
whatever the criteria; I'm just reporting facts.

Personally I like Argon2 a lot, in part for its relative simplicity,
and wouldn't object to considering it as eligible if a critical mass
of panel members also approves. (Then I expect some other submitters
to complain that it isn't "fair".)

Let's see what other panel members have to say.


On Tue, Apr 14, 2015 at 12:31 PM, Peter Gutmann
<pgut001@...auckland.ac.nz> wrote:
> Dmitry Khovratovich <khovratovich@...il.com> writes:
>
>>2) The submissions evolve over the competition period significantly,
>>absorbing new ideas and constructions from the discussion, possibly even
>>merging with each other. The confidence in the winner(s) comes from the
>>consensus in the committee on certain features that are gradually integrated
>>in the final version.
>
> That's the approach I prefer (see my earlier thoughts about allowing a final
> round of updates for the top three, before a single best-of-breed is chosen).
> Argon2 is such an obvious improvement, it seems odd to keep it out so that the
> decision has to be made on a previous-generation version.  Or, more
> worryingly, that the decision on Argon might be made on the assumption that
> what'll be adopted is actually Argon2, blurring the line over what's being
> decided on.
>
> (Apologies to Jean-Philippe, who started off with a competition and is now
>  running a soccer match :-).
>
> Peter.

Powered by blists - more mailing lists