lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+hr98FRrndWjg2Ta6ik2v4wLuy1f6Uh7LwnUz8L3_RRHuaEXw@mail.gmail.com> Date: Thu, 30 Apr 2015 15:13:23 +0200 From: Krisztián Pintér <pinterkr@...il.com> To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net> Subject: Re: [PHC] Maximising Pseudo-Entropy versus resistance to Side-Channel Attacks On Thu, Apr 30, 2015 at 2:43 PM, <Stefan.Lucks@...-weimar.de> wrote: > on-line attacking the defender's system. The point I am trying to make is > that in such a situation, a password hashing function being vulnerable to > side-channel attacks would be a terrible choice. > > If PHC selects a single winner from one of the finalists, it should either > be Argon2i or Catena. i find this argument seriously dishonest. i'm preaching side channel protection for a long time, and for exactly the same reason. and i don't remember you coming along and supporting this position. now that there is only a very limited number of such candidates still in, one being yours, you suddenly realize how important it is. if this issue had been discussed with due weight, we would have all but maybe a few remaining candidates be side channel protected, and vulnerable algorithms mostly eliminated. so i suggest the panel to either disregard this issue altogether, in line with the earlier attitude toward this problem, or to accept the importance of it, and start the selection process from scratch. you can't have both.
Powered by blists - more mailing lists