lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 30 Apr 2015 15:13:23 +0200
From: Krisztián Pintér <pinterkr@...il.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: Re: [PHC] Maximising Pseudo-Entropy versus resistance to Side-Channel Attacks

On Thu, Apr 30, 2015 at 2:43 PM,  <Stefan.Lucks@...-weimar.de> wrote:
> on-line attacking the defender's system. The point I am trying to make is
> that in such a situation, a password hashing function being vulnerable to
> side-channel attacks would be a terrible choice.
>
> If PHC selects a single winner from one of the finalists, it should either
> be Argon2i or Catena.


i find this argument seriously dishonest. i'm preaching side channel
protection for a long time, and for exactly the same reason. and i
don't remember you coming along and supporting this position. now that
there is only a very limited number of such candidates still in, one
being yours, you suddenly realize how important it is.

if this issue had been discussed with due weight, we would have all
but maybe a few remaining candidates be side channel protected, and
vulnerable algorithms mostly eliminated.

so i suggest the panel to either disregard this issue altogether, in
line with the earlier attitude toward this problem, or to accept the
importance of it, and start the selection process from scratch. you
can't have both.

Powered by blists - more mailing lists