Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 29 Oct 2018 09:33:08 -0800
From: Royce Williams <>
Subject: Re: Bloom filter patent

On Mon, Oct 29, 2018 at 8:01 AM Solar Designer <> wrote:

> A couple of weeks ago, I learned that a company claims to have patented
> the use of Bloom filter for checking whether a password is known to have
> been compromised:
> hxxps://
> hxxps://
> "Blackfish doesn't store passwords
> The security of the Blackfish system itself was the most important
> design consideration.  Shape's patented design uses a Bloom filter,
> enabling Blackfish to perform lookups of your user's credentials without
> maintaining a database of compromised passwords."

According to this cache of Passwords '14 proceedings, Blackfish was around
at that time:

Potential other prior art and/or informative links, not yet analyzed (some
suggested to me off-list after a side query):
(Spafford, 1991 - "OPUS")
(Spafford, 1992)
(Schecter, Herley, Mitzenmacher, 2010) (2015) (2017)


Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.