[prev in list] [next in list] [prev in thread] [next in thread]
List: haiku-development
Subject: [haiku-development] Re: Design for signed packages
From: Ari Haviv <arielbhaviv () gmail ! com>
Date: 2014-03-30 15:57:13
Message-ID: CAH3Br=m6gtq875E5ZZ6DeWAPVCbOPW5Te+thp4kwsjBOf1ZRYg () mail ! gmail ! com
[Download RAW message or body]
On Sun, Mar 30, 2014 at 11:38 AM, Ingo Weinhold <ingo_weinhold@gmx.de>wrote:
> On 03/27/2014 09:42 PM, Jonathan Schleifer wrote:
>
>> There were even complains that I replaced a completely broken hash!
>>
>
> Actually you introduced the only completely broken hash so far -- the file
> size. As I already wrote on the haikuports-svn list, MD5 is not broken for
> our purpose, since there's no know practical preimage attack.
>
> Anyway, no one complained about replacing MD5 with a more secure hash.
> What I did complain about is introducing multiple hashes in fear that a
> single hash algorithm could be broken eventually. That *is* highly
> paranoid. And it adds more noise to the recipes and more overhead for the
> maintainers.
>
> CU, Ingo
>
> You may want to look at PBKDF2 or the more recent scrypt (which is what
litecoin uses) as they can adapt to newer hardware
[Attachment #3 (text/html)]
<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Sun, \
Mar 30, 2014 at 11:38 AM, Ingo Weinhold <span dir="ltr"><<a \
href="mailto:ingo_weinhold@gmx.de" \
target="_blank">ingo_weinhold@gmx.de</a>></span> wrote:<br> <blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div class="">On 03/27/2014 09:42 PM, Jonathan Schleifer \
wrote:<br> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex"> There were even complains that I replaced a completely \
broken hash!<br> </blockquote>
<br></div>
Actually you introduced the only completely broken hash so far -- the file size. As I \
already wrote on the haikuports-svn list, MD5 is not broken for our purpose, since \
there's no know practical preimage attack.<br> <br>
Anyway, no one complained about replacing MD5 with a more secure hash. What I did \
complain about is introducing multiple hashes in fear that a single hash algorithm \
could be broken eventually. That *is* highly paranoid. And it adds more noise to the \
recipes and more overhead for the maintainers.<br>
<br>
CU, Ingo<br>
<br>
</blockquote></div>You may want to look at PBKDF2 or the more recent scrypt (which is \
what litecoin uses) as they can adapt to newer hardware<br></div></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic