| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALiR+uOhpF4mZmDOmwciNShsjjK8_LjgOE=nNYXCj8v43_+CQg@mail.gmail.com>
Date: Mon, 4 May 2015 16:51:51 +0200
From: Sascha Schmidt <sascha.schmidt@...-weimar.de>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Client-side hashing (was side-channel stuff)
I added the missing keyed finalization to Catena. You can now use
server relief, keyed hashing and client-independent updates together.
You can find it on github for now, but I'm sure that we are going to
update the submission soon.
2015-04-25 11:57 GMT+02:00 Sascha Schmidt <sascha.schmidt@...-weimar.de>:
> 2015-04-25 0:40 GMT+02:00 Steve Thomas <steve@...tu.com>:
>> h = fastHash(password, salt)
>> for u = 1 to upgrade
>> {
>> h = fastHash(slowHash(h, t_cost, m_cost))
>> t_cost = increaseTCost(t_cost)
>> m_cost = increaseMCost(m_cost)
>> }
>> return encrypt(h, key) // HSM? :)
> You are totally right. I don't know how I missed this. The most
> embarrassing thing is, that this would already be possible with
> Catena. The only thing missing is the server-side finalization with
> encryption.
> I hope I haven't caused any confusion with my previous mail.
Powered by blists - more mailing lists