lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 1 Jul 2015 21:07:52 +0000
From: Marsh Ray <>
To: "" <>
Subject: RE: [PHC] RE: Password hashing as a self-overwriting Turing machine

Several of the PHC submissions (  ) have solid descriptions of their security analysis. The pdfs for Argon, Cantena, and Lyra2 stand out in my memory.

You might also like the papers on the finalists submitted to the NIST SHA-3 competition. It was the SHA-3 competition that first got me really thinking about this type of cryptanalysis.

-          Marsh

From: denis bider []
Sent: Wednesday, July 1, 2015 1:49 PM
Subject: Re: [PHC] RE: Password hashing as a self-overwriting Turing machine

> What is the basis for your claim that a randomized sequence of operations from the set you have chosen results in a irreducible function?
Unfortunately, I don't have the background to properly answer this formally. This is where I think someone else, if they were interested, could contribute. To me, this seems "obvious" and "plain" - but there is "seeing" that 1 + 1 = 2, and then there's Russell & Whitehead investing 300 pages to prove it.

Content of type "text/html" skipped

Powered by blists - more mailing lists