Re: [Cfrg] scrypt password-based key derivation function
Joachim Strömbergson <Joachim@Strombergson.com> Fri, 28 September 2012 12:52 UTC
Aloha!

On 2012-09-24 11:55 , Simon Josefsson wrote:
> Colin and I have published a draft describing Colin's scrypt key
> derivation function. We would appreciate review of the document:
>
> http://tools.ietf.org/html/draft-josefsson-scrypt-kdf

Great initiative and good work!

I'm trying to follow the draft and build an implementation just to see if I can understand it. One thing that caught me is the test vectors for Salsa20 in chapter 7.

First off, Salsa20 as defined on the DJB page you point to (http://cr.yp.to/salsa20.html) works in arrays of 16 uint32_t values. The vectors you provide are in byte form. I'm probably thick, but for me it is not 100% non-ambiguous how to combine the bytes into the correct sequence of words.

You could also maybe add another set of vectors where all but one byte is zero, alternatively that the first 32 bits are all set and the rest is all zero. This would help out debugging the endianness/ordering.

--
Med vänlig hälsning, Yours

Joachim Strömbergson - Always in harmonic oscillation.
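An added example, not part of the original message or of the draft: the Salsa20/8 core applied to a 64-byte block, with the little-endian byte-to-word loading that Salsa20 specifies next to the mistaken big-endian reading, and a probe block with a single non-zero byte of the kind the message asks for. The function names and the probe input are constructed for this illustration.

```c
#include <stdint.h>
#include <string.h>

#define R(a, b) (((a) << (b)) | ((a) >> (32 - (b))))
/* Salsa20's convention: least significant byte first (little-endian). */
uint32_t load_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
/* The mistaken big-endian reading, kept only for comparison. */
uint32_t load_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}
/* Salsa20/8 core on a 64-byte block; big_endian != 0 uses the wrong order. */
void salsa20_8(uint8_t out[64], const uint8_t in[64], int big_endian) {
    uint32_t w[16], x[16];
    for (int i = 0; i < 16; i++)
        x[i] = w[i] = big_endian ? load_be32(in + 4*i) : load_le32(in + 4*i);
    for (int r = 0; r < 8; r += 2) {  /* 4 double rounds = 8 rounds */
        x[ 4] ^= R(x[ 0]+x[12], 7);  x[ 8] ^= R(x[ 4]+x[ 0], 9);
        x[12] ^= R(x[ 8]+x[ 4],13);  x[ 0] ^= R(x[12]+x[ 8],18);
        x[ 9] ^= R(x[ 5]+x[ 1], 7);  x[13] ^= R(x[ 9]+x[ 5], 9);
        x[ 1] ^= R(x[13]+x[ 9],13);  x[ 5] ^= R(x[ 1]+x[13],18);
        x[14] ^= R(x[10]+x[ 6], 7);  x[ 2] ^= R(x[14]+x[10], 9);
        x[ 6] ^= R(x[ 2]+x[14],13);  x[10] ^= R(x[ 6]+x[ 2],18);
        x[ 3] ^= R(x[15]+x[11], 7);  x[ 7] ^= R(x[ 3]+x[15], 9);
        x[11] ^= R(x[ 7]+x[ 3],13);  x[15] ^= R(x[11]+x[ 7],18);
        x[ 1] ^= R(x[ 0]+x[ 3], 7);  x[ 2] ^= R(x[ 1]+x[ 0], 9);
        x[ 3] ^= R(x[ 2]+x[ 1],13);  x[ 0] ^= R(x[ 3]+x[ 2],18);
        x[ 6] ^= R(x[ 5]+x[ 4], 7);  x[ 7] ^= R(x[ 6]+x[ 5], 9);
        x[ 4] ^= R(x[ 7]+x[ 6],13);  x[ 5] ^= R(x[ 4]+x[ 7],18);
        x[11] ^= R(x[10]+x[ 9], 7);  x[ 8] ^= R(x[11]+x[10], 9);
        x[ 9] ^= R(x[ 8]+x[11],13);  x[10] ^= R(x[ 9]+x[ 8],18);
        x[12] ^= R(x[15]+x[14], 7);  x[13] ^= R(x[12]+x[15], 9);
        x[14] ^= R(x[13]+x[12],13);  x[15] ^= R(x[14]+x[13],18);
    }
    for (int i = 0; i < 16; i++)      /* feed-forward, stored in load order */
        for (int j = 0; j < 4; j++)
            out[4*i + j] = (uint8_t)((x[i] + w[i]) >> (big_endian ? 24 - 8*j : 8*j));
}
/* Constructed probe: only byte 0 is set. Returns 1 if the two byte orders
   produce different output blocks, 0 if the input cannot tell them apart. */
int probe_differs(uint8_t first_byte) {
    uint8_t in[64] = {first_byte}, le[64], be[64];
    salsa20_8(le, in, 0); salsa20_8(be, in, 1);
    return memcmp(le, be, 64) != 0;
}
/* Exit status 0 when the single-byte probe exposes the byte-order choice. */
int main(void) { return probe_differs(0x01) ? 0 : 1; }
```

An all-zero block maps to all zeros under either byte order, so it cannot serve as such a probe, while the block with only byte 0 set separates the two readings.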