lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CALW8-7+czR14qgntr+xd7hMMnEM=-=FA6uBx8hjvV8idO6pk_A@mail.gmail.com>
Date: Wed, 28 Sep 2016 12:36:37 +0200
From: Dmitry Khovratovich <khovratovich@...il.com>
To: "discussions@...sword-hashing.net" <discussions@...sword-hashing.net>
Subject: Re: [PHC] Can we add back Argon2id?

The rationale was to offer better tradeoff resistance for the 1-pass
version. Maybe it was not worth it.

Currently we the designers would welcome the appearance of Argon2id in the
official implementation. Care must be taken to maintain compatibility, but
this should better be addressed at the community working on the
implementation on GitHub.

Best regards,
the Argon2 team

On Mon, Sep 26, 2016 at 6:00 PM, Bill Cox <waywardgeek@...il.com> wrote:

> If I could change Argon2 to only offer Argon2i and Argon2id, I would.  The
> complexity is the same as offering only Argon2i and Argon2d, but Argon2id
> provides better defense than Argon2d.  I do not understand the rationale
> for promoting Argon2d instead of Argon2id.
>
> Bill
>



-- 
Best regards,
Dmitry Khovratovich

Content of type "text/html" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ