The Password Hashing Competition Submission Deadline is Today

Originally by Luther Martin, Chief Security Architect, Voltage Security.

According to the timeline posted on its web site, today’s the deadline for submitting entries for the Password Hashing Competition. Here’s a description of this contest:

The Password Hashing Competition (PHC) is an effort organized to identify new password hashing schemes in          order to improve on the state-of-the-art (PBKDF2, scrypt, etc.), and to encourage the use of strong password protection. Applications include for example authentication to web services, PIN authentication on mobile devices, key derivation for full disk encryption, or private keys encryption.

Motivations behind the PHC include:

  • The poor state of passwords protection in web services: passwords are too often either stored in clear (these are the services that send you your password by email after hitting “I forgot my password”), or just hashed with a cryptographic hash function (like MD5 or SHA-1), which exposes users’ passwords to efficient brute force cracking methods.
  • The low variety of methods available: the only standardized construction is PBKDF2 (PKCS#5, NIST SP 800-132), and there are mainly just two alternatives: bcrypt and scrypt.
  • A number of new ideas discussed within the security and cryptography communities, but which have not yet led to a concrete proposal.

(For more information on the topic of password hashing, a quick and comprehensive introduction is this presentation).

To identify new password hashing schemes suitable for widespread adoption, the PHC follows the model of focused cryptographic competitions such as AES, eSTREAM, or SHA-3 (see the Cryptographic competitions website).

I haven’t seen any candidate algorithms posted on the PHC web site yet. Maybe something will appear soon, now that the deadline is here.

But the ultimate test for cryptographic algorithms in the real world is whether or not they’re approved by NIST and NIST probably doesn’t have a pressing need for a new and different password hashing algorithm, I expect that this competition won’t produce anything particularly useful, but this is one of those rare times that you actually hope that you turn out to be wrong.


Leave a Reply

Your email address will not be published. Required fields are marked *