lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 5 May 2015 01:13:18 +0200
From: Sascha Schmidt <>
Subject: Re: [PHC] Client-side hashing (was side-channel stuff)

2015-05-04 19:18 GMT+02:00 Solar Designer <>:
> On Mon, May 04, 2015 at 04:51:51PM +0200, Sascha Schmidt wrote:
>> I added the missing keyed finalization to Catena. You can now use
>> server relief, keyed hashing and client-independent updates together.
>> You can find it on github for now,
> I found commit c793a7a871ad7ce54d3f780d8e1fbe8d5c2f699e "added keyed
> server relief", made by you today.  Can you explain how this differs
> from what Christian Forler referred to here? -
> "Catena supports "Keyed Password Hashing" [...] I just added the
> feature."
> Is this Catena_Keyed_Hashing() (available before) vs.
> Catena_Keyed_Server() (added now)?
You could always execute Catena_Client(...) on one computer and then
Catena_Server(...) on another computer and get the same result as a
simple call to Catena(...). This allows to offload the computation to
the client.
Due to an oversight on our end this wasn't possible with keyed
hashing. In the thread you linked Christian announces
Catena_Keyed_Hashing(...). The new API allows you to first call
Catena_Client(...) and then Catena_Keyed_Server(...) to get the same
result(a keyed hash).

>> but I'm sure that we are going to update the submission soon.
> This is merely an API enhancement, not a tweak, right?
Yes. All the functionality was already there.

Powered by blists - more mailing lists