lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 14 Jan 2016 03:15:36 +0000
From: Peter Gutmann <>
To: "" <>
Subject: Slides for PHC talk

A month or two back I did a talk on the PHC, not so much the technical side
but a backgrounder on the problem that had to be solved and the process that
arose from it.  In case they're useful to anyone, I've put the slides up at

  The secure storage of passwords on servers has been a long-standing problem
  that rears its head again and again. In 2013 a group of security people lead
  by cryptographer Jean-Philippe Aumasson initiated the Password Hashing
  Competition (PHC), an attempt to design a new, state-of-the-art password-
  processing algorithm using the competitive process that gave us AES and
  SHA-3. The Password Hashing Competition looks at the recently-completed PHC
  process, both from the technical side (it inspired enormous advances in the
  state of the art in password-processing design) as well as the ins and outs
  of running a competitive process to select an algorithm that has to
  withstand attack by CPUs, GPUs, FPGAs, and ASICs (think Bitcoin miners), not
  to mention a peanut gallery of geeks all over the world. The focus of the
  talk is more on the mechanisms of the selection process and the decisions
  and tradeoffs that were made than on the low-level technical details.


Powered by blists - more mailing lists