Re: Let's shrink Packages.xz
Peter Palfrader <weasel@debian.org> writes:
> On Mon, 14 Jul 2014, Russ Allbery wrote:
>> Using multiple hashes gives us some theoretical robustness against a
>> break in one of the hash functions provided that all clients check all
>> the hashes and the hashes would fail independently (which is likely).
> I would like to see some supporting evidence for the claim that they
> will likely fail independently. In particular given that they are all
> the same construct.
SHA-1 and SHA-2 are relatively independent constructions, so it seems
intuitive to me that achieving a hash collision simultaneously with both
constructions would be harder than finding a hash collision for either of
them independently.
I admit that this argument is much stronger for SHA-2 and SHA-3, where
there is no commonality at all between the algorithms (that I know of).
That said...
> I think just having a single, strong hash in Packages ought to be
> sufficient.
...I agree with this. I think that, even if this approach works and all
the clients check, the level of additional security that we get from
having multiple hashes isn't worth the overhead.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: