Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20150721013242.GD2159@openwall.com>
Date: Tue, 21 Jul 2015 04:32:42 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: re-focusing the PHC finalists project

Agnieszka,

As you have noticed, the PHC panel has announced the winner and 4
additional finalists endorsed for special use cases.  Starting with this
point, I'd like you to spend further time on these 5 only.  Please no
longer do any work on the 4 finalists that were not mentioned in the
recent announcement.

Specifically, please do work on these:

Argon2
Catena
Lyra2
Makwa
yescrypt

but don't work on these:

battcrypt
Parallel
POMELO
Pufferfish

Since the 5 schemes to work on are still moving targets (tweaks have
just been permitted again, although the submitters are to work along
with the PHC panel on them), it makes sense for you to postpone work on
those schemes that are expected to change in more significant ways.
Unfortunately, the winner - Argon2 - is one of those, still expected to
change significantly.  My guess (but I could be wrong) is that Catena,
Lyra2, and Makwa won't change much if at all.  For yescrypt, I am
planning some moderate changes (of course, subject to the panel's
approval).

You're currently working on yescrypt, and you may continue with that.
You may also continue making optimizations to your Lyra2 implementations.

Beyond that, I am not sure in what order it'd be best to approach
Argon2, Catena, and Makwa.  On one hand, Argon2 will likely change the
most (relative to its current PHC submitted state).  On the other, it is
also the most important (since it's the winner), and your work might
actually influence how it's tweaked.

So if you'd like to potentially be of help to the PHC project, and don't
mind doing work that you'll likely need to partially redo soon, then
Argon2 is your next target, right after your current work on yescrypt.

It may be a good idea to work on Argon team's latest revision of Argon2
in their GitHub repo rather than what they had submitted to PHC.  This
will probably be closer to what the final tweaked Argon2 will be.

Thanks,

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.