Cryptology ePrint Archive: Report 2015/265
Password Hashing Competition - Survey and Benchmark
George Hatzivasilis and Ioannis Papaefstathiou and Charalampos Manifavas
Abstract: Password hashing is the common approach for maintaining users' password-related information that is later used for authentication. A hash for each password is calculated and maintained at the service provider end. When a user logs in to the service, the hash of the given password is computed and compared with the stored hash. If the two hashes match, the authentication is successful. However, in many cases the passwords are just hashed by a cryptographic hash function or even stored in clear. These poor password protection practices have led to efficient attacks that expose the users' passwords. PBKDF2 is the only standardized construction for password hashing. Other widely used primitives are bcrypt and scrypt. The low variety of methods drove the international cryptographic community to conduct the Password Hashing Competition (PHC). The competition aims to identify new password hashing schemes suitable for widespread adoption. It started in 2013 with 22 active submissions. Nine finalists were announced during 2014. In 2015, a small portfolio of schemes will be proposed. This paper provides the first survey and benchmark analysis of the 22 proposals. All proposals are evaluated on the same platform over a common benchmark suite. We measure the execution time, code size and memory consumption of PBKDF2, bcrypt, scrypt, and the 22 PHC schemes. The first round results are summarized along with a benchmark analysis that is focused on the nine finalists and contributes to the final selection of the winners.
Category / Keywords: foundations / PHC, password hashing, key derivation
Date: received 22 Mar 2015
Contact author: gchatzivasilis at isc tuc gr
Note: This paper provides the first survey and benchmark analysis of the Password Hashing Competition (PHC) submissions.
Version: 20150323:122154
Short URL: ia.cr/2015/265