david wong

Hey! I'm David, a security consultant at Cryptography Services, the crypto team of NCC Group . This is my blog about cryptography and security and other related topics that I find interesting.

SHA-3 vs the world @ OWASP London

posted November 2017

I just gave a talk at OWASP London on SHA-3 and derived functions + derived protocols.

It was apparently the first crypto talk in 5 years so I'm glad I revived this part of OWASP =)

Well done! You've reached the end of my post. Now you can leave me a comment :)


ffffffffffffffffffffffff yes


Three minor things:
33:10: Parallel vs sequential for passwords. Parallel is better because it is faster. Note more work in less time is better.
44:27: Stream cipher, not one time pad.
50:31: Skylake doesn't have SHA instructions. So those are max speeds (Assumes code is optimized). Note ARM has SHA1 and SHA256 since forever (Now even Raspberry Pi has it: 2 v1.2, 3, 3+). If you ran SHA256 like K12, "Kangaroo-SHA256 " would be faster.