<!doctype html>
<html lang="en">
<head>
<title>Password Hashing Competition</title>
<link href="style.css" rel="stylesheet" type="text/css" media="screen">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<header>
<h1>Password Hashing Competition</h1>
<h2>and our recommendation for hashing passwords: Argon2</h2>
</header>
<nav>
<a href="#argon2">ARGON2</a>
|
<a href="#phc">PHC</a>
|
<a href="#contact">CONTACT</a>
</nav>
<br/>
<section>
Password hashing is everywhere, from web services' credentials storage
to mobile and desktop authentication or disk encryption systems.
Yet there wasn't an established standard to fulfill the needs of
modern applications and to best protect against attackers.
We started the <a href="#phc">Password Hashing Competition (PHC)</a> to
solve this problem.
<br/>
<br/>
PHC ran from 2013 to 2015 as an open competition—the same kind of
process as NIST's AES and SHA-3 competitions, and the most effective way
to develop a crypto standard. We received 24 candidates,
including many excellent designs, and selected one winner,
<a href="#argon2">Argon2</a>, an algorithm designed by Alex Biryukov,
Daniel Dinu, and Dmitry Khovratovich from the University of Luxembourg.
<br/>
<br/>
We recommend that you use Argon2 rather than legacy algorithms.
You'll find the specifications and reference code just below. <br/>
<br/>
</section>
<section>
<h2 id="argon2">Argon2</h2>
<ul>
<li>
<a href="https://github.com/p-h-c/phc-winner-argon2">GitHub repo</a> containing the specs and code
(<a
href="https://github.com/P-H-C/phc-winner-argon2/releases/latest">latest
release</a>)
</li>
<li>
<a
href="https://github.com/P-H-C/phc-winner-argon2/blob/master/argon2-specs.pdf">Specifications PDF</a>, including rationale
and analysis
</li>
</ul>
The reference code is C89-compliant C, licensed under <a
href="https://creativecommons.org/about/cc0">CC0</a>, a.k.a. public
domain.
It should compile on x86 and x86_64 architectures, as well as most ARM
architectures (except for the code optimized for x86 and x86_64). It
should compile on Linux, OS X, and Windows, as well as in MinGW
environments.
<br/>
<br/>
There are two main versions of Argon2, Argon2i and Argon2d. Argon2i is
the safest against side-channel attacks, while Argon2d provides the
highest resistance against GPU cracking attacks.
<br/>
<br/>
Argon2i and Argon2d are parametrized by:
<ul>
<li>
A <b>time</b> cost, which defines the execution time
</li>
<li>
A <b>memory</b> cost, which defines the memory usage
</li>
<li>
A <b>parallelism</b> degree, which defines the number of threads
</li>
</ul>
See the <a
href="https://github.com/P-H-C/phc-winner-argon2/blob/master/README.md">README</a>
for detailed instructions.
You can try Argon2 online on <a href="https://argon2.online/">argon2.online</a>.
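<br/><br/>
The three cost parameters above are recorded in the encoded hash string that the reference code emits, so stored credentials can be checked against a minimum-cost policy. The Python script below is an added example, not part of the original page or of the Argon2 project; the <code>POLICY</code> minimums, the function names and the sample records are assumptions constructed for illustration.

```python
import re
from typing import NamedTuple

class Params(NamedTuple):
    variant: str      # "i" or "d"
    memory_kib: int   # memory cost (m), in KiB
    time_cost: int    # time cost (t), number of passes
    parallelism: int  # parallelism degree (p), lanes/threads

# Encoded layout written by the reference code:
#   $argon2{variant}$v={version}$m={KiB},t={passes},p={lanes}${salt}${tag}
ENCODED = re.compile(
    r"\$argon2([a-z]{1,2})\$(?:v=\d+\$)?"
    r"m=(\d+),t=(\d+),p=(\d+)"
    r"\$[A-Za-z0-9+/]+\$[A-Za-z0-9+/]+"
)

# Hypothetical site policy: assumed minimums, not values taken from the page.
POLICY = Params(variant="", memory_kib=65536, time_cost=2, parallelism=1)

def parse(encoded: str) -> Params:
    match = ENCODED.fullmatch(encoded)
    if match is None:
        raise ValueError("not an Argon2 encoded hash")
    variant, m, t, p = match.groups()
    return Params(variant, int(m), int(t), int(p))

def audit(encoded: str, policy: Params = POLICY) -> list:
    """Return one finding per cost parameter that is below the policy."""
    params = parse(encoded)
    weak = []
    for name in ("memory_kib", "time_cost", "parallelism"):
        have, need = getattr(params, name), getattr(policy, name)
        if need > have:
            weak.append(f"{name}={have} (minimum {need})")
    return weak

# Constructed sample records: salts and tags are dummy base64, not real hashes.
SAMPLES = {
    "alice": "$argon2i$v=19$m=65536,t=3,p=4$c2FsdHNhbHQ$ZHVtbXl0YWdkdW1teXRhZw",
    "bob": "$argon2d$v=19$m=4096,t=1,p=1$c2FsdHNhbHQ$ZHVtbXl0YWdkdW1teXRhZw",
    "carol": "$2b$12$legacyformatplaceholder",
}

def report(samples=SAMPLES) -> dict:
    out = {}
    for user, encoded in samples.items():
        try:
            out[user] = audit(encoded)
        except ValueError:
            out[user] = ["unparseable: not stored as an Argon2 hash"]
    return out
```

Records with findings can be re-hashed at the stronger settings the next time the user authenticates, since the plaintext password is only available at that point.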
<br/><br/>
Bindings are available for most languages.
</section>
<section>
<h2 id="phc">PHC</h2>
The Password Hashing Competition (PHC) was initiated by Jean-Philippe
Aumasson in fall 2012, and organized thanks to a panel joined by
Tony Arcieri (@bascule, Square),
Dmitry Chestnykh (@dchest, Coding Robots),
Jeremi Gosney (@jmgosney, Stricture Consulting Group),
Russell Graves (@bitweasil, Cryptohaze),
Matthew Green (@matthew_d_green, Johns Hopkins University),
Peter Gutmann (University of Auckland),
Pascal Junod (@cryptopathe, HEIG-VD),
Poul-Henning Kamp (FreeBSD),
Stefan Lucks (Bauhaus-Universität Weimar),
Samuel Neves (@sevenps, University of Coimbra),
Colin Percival (@cperciva, Tarsnap),
Alexander Peslyak (@solardiz, Openwall),
Marsh Ray (@marshray, Microsoft),
Jens Steube (@hashcat, Hashcat project),
Steve Thomas (@Sc00bzT, TobTu),
Meltem Sonmez Turan (NIST),
Zooko Wilcox-O'Hearn (@zooko, Least Authority Enterprises),
Christian Winnerlein (@codesinchaos, Pactas),
Elias Yarrkov (@yarrkov).
<br />
<br />
In Q1 2013 we published the <a href="cfh.html">call for
submissions</a>, and by the deadline on March 31, 2014 we had received
<a href="submissions.html">24 submissions</a>. In December 2014 we
shortlisted 9 finalists and published a <a
href="report-finalists.html">short report</a>. In July 2015 we announced
Argon2 as the winner and gave special recognition to four of the
finalists:
<ul>
<li>
<a
href="https://www.uni-weimar.de/de/medien/professuren/mediensicherheit/research/catena/">Catena</a>, for its agile
framework approach and side-channel resistance
(<a href="submissions/Catena-v5.tar.gz">Catena-v5.tar.gz</a>)
</li>
<li>
<a href="https://en.wikipedia.org/wiki/Lyra2">Lyra2</a>, for its elegant
sponge-based design, and alternative approach to side-channel resistance
(<a href="submissions/Lyra2-v3.tar.gz">Lyra2-v3.tar.gz</a>)
</li>
<li>
<a href="http://www.bolet.org/makwa/">Makwa</a>, for its unique
delegation feature and its factoring-based security
(<a href="submissions/Makwa-v1.tar.gz">Makwa-v1.tar.gz</a>)
</li>
<li>
<a href="https://www.openwall.com/yescrypt/">yescrypt</a>, for its rich feature set and
easy upgrade path from scrypt
(<a href="submissions/yescrypt-v2.tar.gz">yescrypt-v2.tar.gz</a>)
</li>
</ul>
</section>
<section>
<h2 id="contact">Contact</h2>
Questions about Argon2 or PHC can be addressed to the public mailing
list <a
href="mailto:discussions@password-hashing.net">discussions@password-hashing.net</a>
(you need to register first by sending an empty message to <a href=
"mailto:discussions-subscribe@password-hashing.net">discussions-subscribe@password-hashing.net</a>).
<a href="https://lists.openwall.net/phc-discussions/">Public
archives</a> of this mailing list are available thanks to <a
href="http://gmane.org">Gmane</a>.
<br/>
<br/>
Issues with the Argon2 code should preferably be reported in the <a
href="https://github.com/P-H-C/phc-winner-argon2/issues">GitHub issues
space</a>.
For private contact related to Argon2, please email <a
href="mailto:khovratovich@gmail.com">khovratovich@gmail.com</a>.
For any other issue, please email
<a
href="mailto:jeanphilippe.aumasson@gmail.com">jeanphilippe.aumasson@gmail.com</a>.
</section>
<footer>
<br />
<hr />
<i><small>Modified: 2019-04-25</small></i>
</footer>
</body>
</html>