| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Apr 2015 03:31:26 +0200 From: Thomas Pornin <pornin@...et.org> To: discussions@...sword-hashing.net Subject: New package for Makwa Hello, I have updated the Makwa specification and code. New version of the submission package is available here: http://www.bolet.org/makwa/Makwa-PHC-20150422.zip A direct link to the specification is also available here: http://www.bolet.org/makwa/makwa-spec-20150422.pdf MAKWA HAS NOT CHANGED. This is not a "tweak". All previous test vectors remain fully valid. What has changed is the following: - I have much expanded the discussion on the delegation mechanism to include the "information theoretic secure" method from Adam Back. I describe it, and some optimizations, and how that method and my original delegation system are really sub-cases of the same thing. This results in a total of three variants for the delegation, with distinct performance. See section 4 of the specification. - The reference implementations (both C and Java) now implement all three delegation mechanisms (the old one, which is still the one I recommend on a general basis, and the two new "information theoretic secure" systems). - The formats I defined for public keys, private keys and delegation parameters have been expanded to better support the alternate delegation mechanisms. - Private key generation was modified to also produce a generator for invertible quadratic residues. The new code is still backward compatible with the original one (at both source code and binary levels). The old formats for keys and parameters are still fully supported. --Thomas Pornin
Powered by blists - more mailing lists