| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAOLP8p5aEi6ROioGdrzhK+q1DjtkoUTBZxmhomCk0Om866NfeA@mail.gmail.com>
Date: Mon, 20 Jul 2015 11:05:04 -0700
From: Bill Cox <waywardgeek@...il.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: Re: [PHC] PHC winner and special recognitions
Congratulations to the Argon2 team! One aspect of their team which has
impressed me is how the Argon team listened and learned throughout this
competition, which is clearly evident in their Argon2 submission. I
sincerely hope the Argon2 team will work with the other finalists for final
tweaks to the algorithm.
Of the features that are present in other finalists, here are some I would
love to see in Argon2:
- A hybrid Argon2i/Argon2d (Argon2id?), where some initial fraction of
memory hashing is done in a cache-timing independent manner, followed by
unpredictable addressing to improve off-line attack resistance. If this
fraction were a parameter, it would unify Argon2i and Argon2d into one
algorithm.
- Improved GPU resistance, similar to Yescrypt
- As the Argon2 team has already suggested: using the multiplication-chain
hardened version of Blake2, at least as an option
IMO, the most important thing will be for the Argon2 team to continue being
open to the ideas from the Catena, Lyra2, and Yescrypt authors. If the
Argon2 team continues to work well with them, I think this could be a truly
outstanding result.
Best regards,
Bill
Content of type "text/html" skipped
Powered by blists - more mailing lists