[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Let's shrink Packages.xz

Peter Palfrader <weasel@debian.org> writes:
> On Mon, 14 Jul 2014, Russ Allbery wrote:

>> Using multiple hashes gives us some theoretical robustness against a
>> break in one of the hash functions provided that all clients check all
>> the hashes and the hashes would fail independently (which is likely).

> I would like to see some supporting evidence for the claim that they
> will likely fail independently.  In particular given that they are all
> the same construct.

SHA-1 and SHA-2 are relatively independent constructions, so it seems
intuitive to me that achieving a hash collision simultaneously with both
constructions would be harder than finding a hash collision for either of
them independently.

I admit that this argument is much stronger for SHA-2 and SHA-3, where
there is no commonality at all between the algorithms (that I know of).

That said...

> I think just having a single, strong hash in Packages ought to be
> sufficient.

...I agree with this.  I think that, even if this approach works and all
the clients check, the level of additional security that we get from
having multiple hashes isn't worth the overhead.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>
Reply to: