< draft-irtf-cfrg-argon2-05.txt   draft-irtf-cfrg-argon2-06.txt >
skipping to change at page 1, line 13 skipping to change at page 1, line 13
Network Working Group A. Biryukov Network Working Group A. Biryukov
Internet-Draft D. Dinu Internet-Draft D. Dinu
Intended status: Informational University of Luxembourg Intended status: Informational University of Luxembourg
Expires: December 19, 2019 D. Khovratovich Expires: December 19, 2019 D. Khovratovich
ABDK Consulting ABDK Consulting
S. Josefsson S. Josefsson
SJD AB SJD AB
June 17, 2019 June 17, 2019
The memory-hard Argon2 password hash and proof-of-work function The memory-hard Argon2 password hash and proof-of-work function
draft-irtf-cfrg-argon2-05 draft-irtf-cfrg-argon2-06
Abstract Abstract
This document describes the Argon2 memory-hard function for password This document describes the Argon2 memory-hard function for password
hashing and proof-of-work applications. We provide an implementer- hashing and proof-of-work applications. We provide an implementer-
oriented description together with sample code and test vectors. The oriented description together with sample code and test vectors. The
purpose is to simplify adoption of Argon2 for Internet protocols. purpose is to simplify adoption of Argon2 for Internet protocols.
This document is a product of the Crypto Forum Research Group (CFRG) This document is a product of the Crypto Forum Research Group (CFRG)
in the IRTF. in the IRTF.
skipping to change at page 28, line 42 skipping to change at page 28, line 42
The Argon2id variant with t=1 and maximum available memory is The Argon2id variant with t=1 and maximum available memory is
recommended as a default setting for all environments. This setting recommended as a default setting for all environments. This setting
is secure against side-channel attacks and maximizes adversarial is secure against side-channel attacks and maximizes adversarial
costs on dedicated bruteforce hardware. costs on dedicated bruteforce hardware.
10. References 10. References
10.1. Normative References 10.1. Normative References
[BLAKE2] Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2
Cryptographic Hash and Message Authentication Code (MAC)",
RFC 7693, November 2015,
<https://www.rfc-editor.org/info/rfc7693>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, March 1997, Requirement Levels", RFC 2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC7693] Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2
Cryptographic Hash and Message Authentication Code (MAC)",
RFC 7693, DOI 10.17487/RFC7693, November 2015,
<https://www.rfc-editor.org/info/rfc7693>.
10.2. Informative References 10.2. Informative References
[AB15] Biryukov, A. and D. Khovratovich, "Tradeoff Cryptanalysis [AB15] Biryukov, A. and D. Khovratovich, "Tradeoff Cryptanalysis
of Memory-Hard Functions", Asiacrypt 2015, December 2015, of Memory-Hard Functions", Asiacrypt 2015, December 2015,
<https://eprint.iacr.org/2015/227.pdf>. <https://eprint.iacr.org/2015/227.pdf>.
[AB16] Alwen, J. and J. Blocki, "Efficiently Computing Data- [AB16] Alwen, J. and J. Blocki, "Efficiently Computing Data-
Independent Memory-Hard Functions", Crypto 2016, December Independent Memory-Hard Functions", Crypto 2016, December
2015, <https://eprint.iacr.org/2016/115.pdf>. 2015, <https://eprint.iacr.org/2016/115.pdf>.
skipping to change at page 29, line 26 skipping to change at page 29, line 26
memory-hard function for password hashing and other memory-hard function for password hashing and other
applications", WWW www.cryptolux.org, October 2015, applications", WWW www.cryptolux.org, October 2015,
<https://www.cryptolux.org/images/0/0d/Argon2.pdf>. <https://www.cryptolux.org/images/0/0d/Argon2.pdf>.
[ARGON2ESP] [ARGON2ESP]
Biryukov, A., Dinu, D., and D. Khovratovich, "Argon2: New Biryukov, A., Dinu, D., and D. Khovratovich, "Argon2: New
Generation of Memory-Hard Functions for Password Hashing Generation of Memory-Hard Functions for Password Hashing
and Other Applications", Euro SnP 2016, March 2016, and Other Applications", Euro SnP 2016, March 2016,
<https://www.cryptolux.org/images/0/0d/Argon2ESP.pdf>. <https://www.cryptolux.org/images/0/0d/Argon2ESP.pdf>.
[BLAKE2] Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2
Cryptographic Hash and Message Authentication Code (MAC)",
RFC 7693, November 2015,
<https://www.rfc-editor.org/info/rfc7693>.
[BZ17] Blocki, J. and S. Zhou, "On the Depth-Robustness and [BZ17] Blocki, J. and S. Zhou, "On the Depth-Robustness and
Cumulative Pebbling Cost of Argon2i", TCC 2017, May 2017, Cumulative Pebbling Cost of Argon2i", TCC 2017, May 2017,
<https://eprint.iacr.org/2017/442.pdf>. <https://eprint.iacr.org/2017/442.pdf>.
[CBS16] Corrigan-Gibbs, H., Boneh, D., and S. Schechter, "Balloon [CBS16] Corrigan-Gibbs, H., Boneh, D., and S. Schechter, "Balloon
Hashing: Provably Space-Hard Hash Functions with Data- Hashing: Provably Space-Hard Hash Functions with Data-
Independent Access Patterns", Asiacrypt 2016, January Independent Access Patterns", Asiacrypt 2016, January
2016, <https://eprint.iacr.org/2016/027.pdf>. 2016, <https://eprint.iacr.org/2016/027.pdf>.
[HARD] Alwen, J. and V. Serbinenko, "High Parallel Complexity [HARD] Alwen, J. and V. Serbinenko, "High Parallel Complexity
 End of changes. 4 change blocks. 
11 lines changed or deleted 6 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/