Self Introduction
Technion
technion at lolware.net
Fri Aug 2 03:42:19 UTC 2013
Hi All,
I'm writing to introduce myself in relation to my recent submission.
I've created bug 991314 (https://bugzilla.redhat.com/show_bug.cgi?id=991314) in relation to my scrypt library. Password compromises have become a major public issue recently, and in the case of most of the developers I've talked to - they simply use what's easily accessible to them.
For those who haven't seen it, scrypt was developed and documented here: http://www.tarsnap.com/scrypt.html. In short, it's a password hashing algorithm designed to be not only "CPU hard", as is exemplified with PBKDF2, but also "memory hard". This creates difficulties for crackers using low memory FPGAs, and clusters of cheap devices.
The library was picked up without my involvement for review in Debian, and has been accepted into FreeBSD ports. By continuing this trend into Fedora we can encourage the development of more secure platforms.
My coding style focuses heavily on portable, reliable code, and avoids unnecessary features. You can see my typical testing process for libscrypt here, on which I will be shortly adding Fedora 19 and FreeBSD:
http://www.lolware.net/libscrypttesting.txt
The website for my library is
http://www.lolware.net/libscrypt.html
And technical documentation is in the README, best seen here:
https://github.com/technion/libscrypt
Based on the above, I'd very much appreciate a sponsor to get my software packaged.
I am however - new the building a .spec file, and welcome any criticism related to it.
Joshua Small
More information about the devel
mailing list