[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: dpkg-sig support wanted?

Scripsit Peter Samuelson <peter@p12n.org>

> For large files, getting a cryptographic checksum is more about reading
> blocks off the disk than about CPU time.  So it wouldn't be completely
> ridiculous to allow sha-1 to remain ambiguous with competing 160-bit
> hashes, and have --check check for all of them (reading the file only
> once).

That sounds cryptographically unsafe. It would mean that a practical
preimage attack against _any_ of the supported hashes would break the
entire system. That's not the kind of algorithm agility we need.

> I still think two-byte prefixes for non-md5-non-sha1 hashes makes some
> sense, like s- for sha-256.

That is much better. But let's use "s." as a prefix and do a
[/+] -> [_-] substitution on the following base64 data. The dot
in the prefix will prevent the prefix from being mistaken as part of a
slightly larger non-tagged hash value.

>>   $ dsum -a sha1 foo; sha1sum foo
>>   f572d396fae9206628714fb2ce00f72e94f2258f  foo
>>   f572d396fae9206628714fb2ce00f72e94f2258f  foo

There appears to be to few characters of hash there, at least unless
it is a cosmically weird coincidence that it base64 encodes to all hex
digits. :-)

I would expect something like

$ dsum -a sha1 COPYING; sha1sum COPYING
$ dsum -a sha1 -a md5 COPYING
4325afd396febcb659c36b49533135d4  COPYING
$ echo moooooooo | sha1sum -
s.-tUTs04N4IxBOtWpdoIXt1b0qgHIgNm9IC_OgYjm-mU  -

Henning Makholm            "But I am a Sunni Muslim," the bemused Arab said.

Reply to: