[Cfrg] Fw: Argon2i, scrypt, balloon hashing, ...
Dan Brown <danibrown@blackberry.com> Tue, 16 August 2016 16:06 UTC
Return-Path: <danibrown@blackberry.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4917012D7CD for <cfrg@ietfa.amsl.com>; Tue, 16 Aug 2016 09:06:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.848
X-Spam-Level:
X-Spam-Status: No, score=-3.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.247, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oVLbwL3eITes for <cfrg@ietfa.amsl.com>; Tue, 16 Aug 2016 09:06:15 -0700 (PDT)
Received: from smtp-p01.blackberry.com (smtp-p01.blackberry.com [208.65.78.88]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0C8812B069 for <cfrg@irtf.org>; Tue, 16 Aug 2016 09:06:15 -0700 (PDT)
Received: from xct107cnc.rim.net ([10.65.161.207]) by mhs211cnc.rim.net with ESMTP/TLS/DHE-RSA-AES256-SHA; 16 Aug 2016 15:06:41 -0400
Received: from XMB116CNC.rim.net ([fe80::45d:f4fe:6277:5d1b]) by XCT107CNC.rim.net ([fe80::b815:71ef:9f8f:e07c%16]) with mapi id 14.03.0210.002; Tue, 16 Aug 2016 12:06:11 -0400
From: Dan Brown <danibrown@blackberry.com>
To: IRTF CFRG <cfrg@irtf.org>
Thread-Topic: [Cfrg] Argon2i, scrypt, balloon hashing, ...
Thread-Index: AQHR90WamN7mC1+UQ0+w7tqG6bvx+KBLnJ8VgAAlC4I=
Date: Tue, 16 Aug 2016 16:06:11 +0000
Message-ID: <20160816160607.5709905.1691.3597@blackberry.com>
References: <mailman.995.1471241877.1171.cfrg@irtf.org>, <alpine.WNT.2.00.1608151525480.8540@RogawaySamsung9>, <20160816135332.5709905.51384.3573@blackberry.com>
In-Reply-To: <20160816135332.5709905.51384.3573@blackberry.com>
Accept-Language: en-US, en-CA
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="windows-1256"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Kj6RTreTb5OelT2qZJc1BWk8PAA>
Subject: [Cfrg] Fw: Argon2i, scrypt, balloon hashing, ...
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Aug 2016 16:06:17 -0000
Isn't password hashing out of scope for IRTF work? Or at least not a focus? Like RNGs and secure storage, it is important to security but not a form openly interoperable communication. Sent from my BlackBerry 10 smartphone on the Rogers network. Original Message From: Dan Brown <danibrown@blackberry.com> Sent: Tuesday, August 16, 2016 9:53 AM To: Phillip Rogaway; cfrg@irtf.org Subject: Re: [Cfrg] Argon2i, scrypt, balloon hashing, ... Also, isn't the need for interoperability of password hashing smaller than for general protected communication? (Or, is the eventual intent to add these algorithms to some IETF protocols, e.g. PAKEs etc.?) Sent from my BlackBerry 10 smartphone on the Rogers network. Original Message From: Phillip Rogaway Sent: Monday, August 15, 2016 6:37 PM To: cfrg@irtf.org Subject: [Cfrg] Argon2i, scrypt, balloon hashing, ... I would like to gently suggest the CFRG not move forward with blessing any memory-hard hash function at this time. The area seems too much in flux, at this time, for this to be desirable. Really nice results are coming out apace. Standards can come too early, you know, just as they can come out too late. phil _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg
- [Cfrg] Fw: Argon2i, scrypt, balloon hashing, ... Dan Brown
- [Cfrg] Argon2i, scrypt, balloon hashing, ... Phillip Rogaway