Comments (2)
randombit
commented on May 27, 2024
The primary criteria for adding an algorithm (beyond someone actually writing the code) is if that algorithm is or will be in use in some real world system or protocol.
The secondary criteria is if the algorithm has some notable benefit compared to other systems such that it's worth including because it should be used in real world systems, even if not currently.
As far as I know none of these hashes qualifies under the first criteria. (Please correct me if I'm wrong about this, this is just based on what I've seen used in the past.) On the second crtieria I don't know enough about these other hashes to have an opinion. Certainly I find both Argon2 and scrypt quite poorly designed so I'm open to the possibility. But it would have to come in an argument of "Attribute X is something that makes algo Z superior to {Argon2,scrypt,bcrypt} in some specific scenario and this attribute is so nice it's worth including not just yet another password hash, but one that's not widely used/known/studied."
from botan.
wendig0x
commented on May 27, 2024
This is where the contestants are discussed: https://crypto.stackexchange.com/questions/48933/why-did-argon2-win-the-phc
From the looks of it, the best candidate for realization is Catena.
The reason for adding the hash - I believe there should be some choice, not just the "officially endorsed" candidate (Argon2)
from botan.
Related Issues (20)
- test failure in 2.19.4: dh_invalid HOT 4
- Need to upgrade CodeQL action
- Certstore system tests fail if certificates are not installed. HOT 1
- Doxygen output includes full file paths
- Odd CLI test failure on MacOS 14 runners
- build failure on armv7 with latest 3.4.0 release HOT 2
- Cancel CodeQL/CiFuzz jobs when a new commit is pushed
- Why do PK_Ops classes return secure_vector for non-private information
- Botan doesn't support large OIDs HOT 1
- ECDSA using SHAKE HOT 4
- Facing retransmission issue while adding delay in the server side in the DTLS implementation
- Invalid BER decoding of OIDs HOT 1
- `./botan tls_server` is lacking a `--trusted-cas=` argument HOT 7
- Replace BigInt based elliptic curve library
- Centralize 'integralish' concept and strong-type unwrapping
- Amalgamation SHA3 missing HOT 2
- CI printing warnings from Boost headers
- The dTLS server (1.2) is not handling properly the re-transmissions in case of delay in flight at server side (we see clientKeyExchange before serverKeyExchange and serverHelloDone)
- secp112r2 unsupported since Hasse bound check HOT 1
- Does the string type cause aborted works as intended? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from botan.