| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.20.1506251457180.29545@debian> Date: Thu, 25 Jun 2015 14:59:23 +0200 (CEST) From: Stefan.Lucks@...-weimar.de To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net> Subject: Re: [PHC] Why protect against side channel attacks On Thu, 25 Jun 2015, Peter Maxwell wrote: > You get the idea though: the salt must be secret to avoid an attacker being > able to exploit the low dimension of the password space. Are we assuming > the salt as secret? If we would assume the salt to be secret, we should not call it a "salt". To avoid confusion, it would then deserve to be called a "key". Stefan -------- I love the taste of Cryptanalysis in the morning! -------- www.uni-weimar.de/de/medien/professuren/mediensicherheit/people/stefan-lucks ----Stefan.Lucks (at) uni-weimar.de, Bauhaus-Universität Weimar, Germany----
Powered by blists - more mailing lists