Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 22 May 2013 01:01:36 +0400
From: Alexander Cherepanov <cherepan@...me.ru>
To: john-dev@...ts.openwall.com
Subject: Re: New algorithm names

On 2013-05-22 00:25, magnum wrote:
> On 6 May, 2013, at 23:44 , magnum<john.magnum@...hmail.com>  wrote:
>> Perhaps we should revise some (many?) labels in bleeding (like wpapsk ->  WPSPSK) first though. And re-define shared things like MD5_SSE_TYPE from just SSE_type to '"MD5 " SSE_type'. I understand MD5crypt should be like this:
>> Benchmarking: md5crypt [MD5 128/128 SSE2 intrinsics 12x]... DONE
>>
>> We should stop and think now before running around in circles: When at it, I think we should abbreviate all uses of "intrinsics" in ALGORITHM_NAME because it's too long. Do we even need an abbreviation? I think not. This is enough:
>> Benchmarking: md5crypt [MD5 128/128 SSE2 12x]... DONE
>>
>> Also, should we standardize on some abbreviation of things like PBKDF2-HMAC-SHA-256 too? Perhaps drop "HMAC" (even if it's not stricly implied by PBKDF2) and just say PBKDF2-SHA256.
>>
>> BTW, doesn't "128/128" and "4x" actually say the same thing twice? So we should drop "4x". For formats where we currently say "128/128 12x" it might be more logical with "3x128/128". Perhaps even drop the 3x and just say "128/128" even if interleaved. Just thinking out loud.
>>
>> The current
>> Benchmarking: md5crypt [128/128 SSE2 intrinsics 12x]... DONE
>> Benchmarking: lastpass, LastPass sniffed sessions PBKDF2-HMAC-SHA-256 AES [128/128 SSE2 intrinsics 4x]... DONE
>>
>> could be
>> Benchmarking: md5crypt [MD5 3x128/128 SSE2]... DONE
>> Benchmarking: LastPass, sniffed sessions [PBKDF2-SHA256 128/128 SSE2 AES]... DONE
>
> Anyone having an opinion on this? I'm not quite sure how to proceed but I'd like them to be shorter.

Just a quick note:

I completely agree with you that various name should be overhauled. For 
example, the distinction between standalone hashes and sniffed hashes is 
somewhat widespread. I think the names for sniffed variants should be 
unified. Right now we have "C/R" in netlm&co., dmd5, mschapv2*, "Network 
Authentication" in mysqlna, "sniffed sessions" in lastpass and something 
strange in mongodb. And I don't think it's a good idea to use 
unqualified names for formats for sniffed hashes. "lastpass-net", 
"net-lastpass" or something like that seems to be better for sniffed 
lastpass hashes. Then "lp" (for standalone lastpass) could be changed to 
straight "lastpass". Or it could be done the backward: rename "lastpass" 
to "netlp" or "lp-cr" and leave "lp" as it is.

-- 
Alexander Cherepanov

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.