|
Message-ID: <20190630155158.GA8988@openwall.com> Date: Sun, 30 Jun 2019 17:51:58 +0200 From: Solar Designer <solar@...nwall.com> To: announce@...ts.openwall.com, yescrypt@...ts.openwall.com Subject: yescrypt 1.1.0 Hi, yescrypt is a password-based key derivation function (KDF) and password hashing scheme. It builds upon scrypt, and our implementation is able to compute native yescrypt hashes as well as classic scrypt. This is to announce a major update of yescrypt released today as 1.1.0 and a previously unannounced minor update from 1.0.2 to 1.0.3. yescrypt 1.1.0 and 1.0.3 are available on the project's homepage: https://www.openwall.com/yescrypt/ The changes are described in the included change log as follows: --- Changes made between 1.0.3 (2018/06/13) and 1.1.0 (2019/06/30). Merged yescrypt-opt.c and yescrypt-simd.c into one source file, which is a closer match to -simd but is called -opt (and -simd is now gone). With this change, performance of SIMD builds should be almost unchanged, while scalar builds should be faster than before on register-rich 64-bit architectures but may be slower than before on register-starved 32-bit architectures (this shortcoming may be addressed later). This also happens to make SSE prefetch available even in otherwise-scalar builds and it paves the way for adding SIMD support on big-endian architectures (previously, -simd assumed little-endian). Changes made between 1.0.2 (2018/06/06) and 1.0.3 (2018/06/13). In SMix1, optimized out the indexing of V for the sequential writes. --- In related news, yescrypt (based on its revision close to today's 1.1.0 release) became part of libxcrypt 4.2.0 and above: https://github.com/besser82/libxcrypt libxcrypt is used on (at least) recent Fedora and ALT Linux in lieu of glibc's libcrypt. Versions with yescrypt support are available starting with Fedora 29. Also supported in libxcrypt 4.3.0 and above are gost-yescrypt hashes, which wrap native yescrypt into Russian GOST hashes in a way such that cryptographic security is provably provided by GOST whereas resistance to offline password cracking attacks is provided by yescrypt. (This is similar to how cryptographic security is provably provided by NIST's SHA-256 in native yescrypt on its own.) gost-yescrypt should only be used where compliance with Russian cryptographic standards is required (such as for some uses of ALT Linux distributions). libxcrypt now also implements the crypt_rn(), crypt_ra(), crypt_gensalt(), crypt_gensalt_rn(), and crypt_gensalt_ra() APIs that we originally introduced in Openwall GNU/*/Linux (Owl) in 2000-2001. As implemented in libxcrypt, these are now additionally aware of classic scrypt (using its implementation in yescrypt), native yescrypt, and gost-yescrypt hashes. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.