
Re: new hashes (SHA512, SHA3) in apt metadata and .changes files?



On Thu, 2013-08-08 at 22:21 +0200, Wouter Verhelst wrote:
> On 05-08-13 02:16, Ben Hutchings wrote:
> > On Sun, 2013-08-04 at 16:45 +0200, Wouter Verhelst wrote:
> >> On 03-08-13 13:45, Ondřej Surý wrote:
> >>> I think it's useless to upgrade to SHA512 (or SHA-3),
> >>
> >> It's never useless to upgrade to a stronger hash.
> >>
> >> The cost might outweigh the benefit, yes. But that's a different matter.
> > 
> > What makes you think these are stronger?
> 
> Simple mathematics.
> 
> To me, a "strong hash" is a hash for which collisions are unlikely.
[...]

There is a big difference between *likelihood* of a random collision,
and *difficulty* of deliberately constructing a collision.  The latter
case is not simple mathematics.  Still, if I understand correctly,
current attacks on SHA-256 and SHA-512 only improve by a few orders of
magnitude over a brute force search, which does make SHA-512 much
stronger.

If I understand correctly, SHA-3 is a very different algorithm, but not
necessarily stronger.  It's probably worth designing into cryptographic
hardware for the next few decades, but there's no need to start using
it.

I think SHA-2 (with any of the specified hash lengths) is good enough
for now - it's just not going to be the weak link in authenticating
Debian packages.

Ben.

-- 
Ben Hutchings
The two most common things in the universe are hydrogen and stupidity.
