Cryptology ePrint Archive: Report 2014/881

Overview of the Candidates for the Password Hashing Competition - And Their Resistance Against Garbage-Collector Attacks

Christian Forler and Eik List and Stefan Lucks and Jakob Wenzel

Abstract: In this work we provide an overview of the candidates of the Password Hashing Competition (PHC) regarding to their functionality, e.g., client-independent update and server relief, their security, e.g., memory-hardness and side-channel resistance, and its general proper- ties, e.g., memory usage and flexibility of the underlying primitives. Furthermore, we formally introduce two kinds of attacks, called Garbage- Collector and Weak Garbage-Collector Attack, exploiting the memory management of a candidate. Note that we consider all candidates which are not yet withdrawn from the competition.

Category / Keywords: Password Hashing Competition, Overview, Garbage-Collector Attacks

Date: received 24 Oct 2014, last revised 15 Jul 2015

Contact author: jakob wenzel at uni-weimar de

Available format(s): PDF | BibTeX Citation

Version: 20150715:083248 (All versions of this report)

Short URL: ia.cr/2014/881

Discussion forum: Show discussion | Start new discussion