lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20150423013126.GA20713@bolet.org>
Date: Thu, 23 Apr 2015 03:31:26 +0200
From: Thomas Pornin <pornin@...et.org>
To: discussions@...sword-hashing.net
Subject: New package for Makwa

Hello,

I have updated the Makwa specification and code. New version of the
submission package is available here:

   http://www.bolet.org/makwa/Makwa-PHC-20150422.zip

A direct link to the specification is also available here:

   http://www.bolet.org/makwa/makwa-spec-20150422.pdf


MAKWA HAS NOT CHANGED. This is not a "tweak". All previous test vectors
remain fully valid. What has changed is the following:

 - I have much expanded the discussion on the delegation mechanism to
   include the "information theoretic secure" method from Adam Back. I
   describe it, and some optimizations, and how that method and my
   original delegation system are really sub-cases of the same thing.
   This results in a total of three variants for the delegation, with
   distinct performance. See section 4 of the specification.

 - The reference implementations (both C and Java) now implement all
   three delegation mechanisms (the old one, which is still the one I
   recommend on a general basis, and the two new "information theoretic
   secure" systems).

 - The formats I defined for public keys, private keys and delegation
   parameters have been expanded to better support the alternate
   delegation mechanisms.

 - Private key generation was modified to also produce a generator for
   invertible quadratic residues.

The new code is still backward compatible with the original one (at both
source code and binary levels). The old formats for keys and parameters
are still fully supported.


	--Thomas Pornin

Powered by blists - more mailing lists