Message-ID: <CA+hr98FRrndWjg2Ta6ik2v4wLuy1f6Uh7LwnUz8L3_RRHuaEXw@mail.gmail.com>
Date: Thu, 30 Apr 2015 15:13:23 +0200
From: Krisztián Pintér <pinterkr@...il.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: Re: [PHC] Maximising Pseudo-Entropy versus resistance to Side-Channel Attacks

On Thu, Apr 30, 2015 at 2:43 PM, <Stefan.Lucks@...-weimar.de> wrote:
> on-line attacking the defender's system. The point I am trying to make is
> that in such a situation, a password hashing function being vulnerable to
> side-channel attacks would be a terrible choice.
>
> If PHC selects a single winner from one of the finalists, it should either
> be Argon2i or Catena.

i find this argument seriously dishonest. i've been preaching side channel
protection for a long time, and for exactly the same reason. and i
don't remember you coming along and supporting this position. now that
there is only a very limited number of such candidates still in, one
being yours, you suddenly realize how important it is.

if this issue had been discussed with due weight, we would have all
but maybe a few remaining candidates be side channel protected, and
vulnerable algorithms mostly eliminated.

so i suggest the panel either disregard this issue altogether, in
line with the earlier attitude toward this problem, or accept the
importance of it, and start the selection process from scratch. you
can't have both.