david wong

Hey! I'm David, a security engineer at the Blockchain team of Facebook, previously a security consultant for the Cryptography Services of NCC Group. I'm also the author of the Real World Cryptography book. This is my blog about cryptography and security and other related topics that I find interesting.

SHA-3 vs the world @ OWASP London posted November 2017

I just gave a talk at OWASP London on SHA-3 and derived functions + derived protocols.

It was apparently the first crypto talk in 5 years so I'm glad I revived this part of OWASP =)

Well done! You've reached the end of my post. Now you can leave me a comment or read something else.



ffffffffffffffffffffffff yes


Three minor things:
33:10: Parallel vs sequential for passwords. Parallel is better because it is faster. Note more work in less time is better.
44:27: Stream cipher, not one time pad.
50:31: Skylake doesn't have SHA instructions. So those are max speeds (Assumes code is optimized). Note ARM has SHA1 and SHA256 since forever (Now even Raspberry Pi has it: 2 v1.2, 3, 3+). If you ran SHA256 like K12, "Kangaroo-SHA256 " would be faster.

Leave a comment