| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150926204616.GA15194@openwall.com> Date: Sat, 26 Sep 2015 23:46:16 +0300 From: Solar Designer <solar@...nwall.com> To: discussions@...sword-hashing.net Subject: Re: [PHC] Specification of a modular crypt format On Tue, Sep 22, 2015 at 07:05:38PM +0000, Jean-Philippe Aumasson wrote: > Re ordering: I also meant the fixed order that makes the most sense for the > primitive, rather than lex order. The order should just be well-defined and > unambiguous. Agreed. In fact, Thomas' own sample code for Argon2 places t before p. It also has optional keyid and data parameters, contrary(?) to what the proposed specification previously said. > I'd also encourage a non-bloated syntax, since there's no benefit of having > a better human-readable encoding. Also important is the consistency with > the current standard. I wouldn't go as far as to say "there's no benefit of having a better human-readable encoding" - I think it's nice for the encoding to be human-readable, but this also has drawbacks, including even "looking bad" to some humans. ;-) I think I'm going to give a compact syntax a try in yescrypt, and then we'll see if we're going to reuse most of it for other PHC schemes. I am still very interested in any comments you (JP, Thomas, others) might have on my proposed compact encodings for the numeric parameters. Alexander
Powered by blists - more mailing lists