public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
From: "Hanno Böck" <hanno@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Manifest2 hashes, take n+1-th
Date: Fri, 20 Oct 2017 14:55:41 +0200	[thread overview]
Message-ID: <20171020145541.20ff92da@pc1> (raw)
In-Reply-To: <23017.49274.836794.894102@a1i15.kph.uni-mainz.de>

[-- Attachment #1: Type: text/plain, Size: 1957 bytes --]

On Fri, 20 Oct 2017 11:23:06 +0200
Ulrich Mueller <ulm@gentoo.org> wrote:

> >>>>> On Fri, 20 Oct 2017, Dirkjan Ochtman wrote:  
> 
> > As Hanno was saying, we'll have decades of warning before a break
> > becomes practical, so I don't think this is a real concern.  
> 
> How can we be sure of that? I guess the same reasoning was applied
> when MD5 and SHA1 hashes were used.

MD5 warning 1996:
ftp://ftp.iks-jena.de/mitarb/lutz/crypt/hash/dobbertin.ps

MD5 broken 2005:
http://merlot.usc.edu/csac-f06/papers/Wang05a.pdf

SHA1 warning 2005:
https://people.csail.mit.edu/yiqun/SHA1AttackProceedingVersion.pdf

SHA1 broken 2017:
https://shattered.io/


It's reasonable to assume that modern hash functions will have a far
longer warning period. For two reasons:
* their safety margin is much higher to begin with, particularly if
  you choose something like SHA512 (256 bit collission resistance). It
  was more or less always clear that MD5 (64 bit) and SHA1 (80 bit) are
  in risky terrain even without any cryptographic breakthrough.
* hash function research in 2017 is lightyears ahead of hash function
  research in the 90s and early 2000s. One major outcome of the
  research after the big hash breakdown in 2005 was that SHA-2 is much
  safer than people previously thought.


I don' have a very strong opinion on this. Having two hash functions
probably won't harm. Though I tend to prefer the simplest solutions if
it's secure. And all my cryptographic knowledge tells me that "What if
sha512 is broken?" isn't a realistic problem to be concerned about.


I do feel it's a bit ironic that we have these lengthy discussions
about hash functions while at the same time they provide little
security to begin with, because they aren't transmitted over a secure
channel and not signed...

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

  parent reply	other threads:[~2017-10-20 12:55 UTC|newest]

Thread overview: 76+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-10-19 19:08 [gentoo-dev] Manifest2 hashes, take n+1-th Michał Górny
2017-10-19 21:00 ` Michał Górny
2017-10-19 22:20   ` Francesco Riosa
2017-10-20 23:38     ` Michał Górny
2017-10-21  1:21       ` R0b0t1
2017-10-19 22:32 ` Hanno Böck
2017-10-19 22:49   ` Gordon Pettey
2017-10-20  9:10     ` Dirkjan Ochtman
2017-10-20  9:23       ` Ulrich Mueller
2017-10-20  9:31         ` Dirkjan Ochtman
2017-10-20 12:55         ` Hanno Böck [this message]
2017-10-20 13:04       ` Kristian Fiskerstrand
2017-10-20 13:32         ` Rich Freeman
2017-10-21  1:23         ` R0b0t1
2017-10-20 22:42     ` Anton Molyboha
2017-10-20 23:03       ` Gordon Pettey
2017-10-20 23:39       ` Michał Górny
2017-10-21  2:56         ` [gentoo-dev] " Duncan
2017-10-20 13:05   ` [gentoo-dev] " Michael Orlitzky
2017-10-20 13:26     ` Kristian Fiskerstrand
2017-10-20 15:42 ` Paweł Hajdan, Jr.
2017-10-20 16:15   ` Michał Górny
2017-10-21  8:01     ` Paweł Hajdan, Jr.
2017-10-21  8:20       ` Michał Górny
2017-10-20 22:21 ` R0b0t1
2017-10-21 16:26   ` Robin H. Johnson
2017-10-21 17:12     ` R0b0t1
2017-10-21 17:37       ` R0b0t1
2017-10-21 17:50       ` Hanno Böck
2017-10-21 20:11         ` [gentoo-dev] " Duncan
2017-11-08 18:57           ` R0b0t1
2017-11-08 20:01             ` Jonas Stein
2017-11-08 23:45               ` [gentoo-dev] " R0b0t1
2017-11-15 21:02             ` [gentoo-dev] Manifest2 hashes: validation of single hash per MANIFESTx_REQUIRED_HASH Robin H. Johnson
2017-11-21  3:00               ` R0b0t1
2017-11-21  3:15                 ` R0b0t1
2017-11-21  4:19                   ` Matt Turner
2017-11-21  4:28                     ` R0b0t1
2017-11-08 19:01         ` [gentoo-dev] Manifest2 hashes, take n+1-th R0b0t1
2017-10-23  8:16   ` [gentoo-dev] Manifest2 hashes, take n+1-th: 3 hashes for the tie-breaker case Robin H. Johnson
2017-10-23 11:33     ` Michał Górny
2017-10-23 21:00       ` Robin H. Johnson
2017-10-24  4:04         ` Michał Górny
2017-10-24  4:11           ` Michał Górny
2017-10-24  8:21             ` Paweł Hajdan, Jr.
2017-10-24 12:01               ` Rich Freeman
2017-10-24 11:56             ` Chí-Thanh Christopher Nguyễn
2017-10-24 13:25               ` Michał Górny
2017-10-24 21:33                 ` Allan Wegan
2017-10-25  2:40                   ` [gentoo-dev] Manifest2 hashes, take n+1-th: one hash to decide them all Robin H. Johnson
2017-10-25 12:32                     ` Hanno Böck
2017-10-25 17:43                       ` Paweł Hajdan, Jr.
2017-10-28  4:54                     ` R0b0t1
2017-11-13  2:22             ` [gentoo-dev] Manifest2 hashes, take n+1-th: 3 hashes for the tie-breaker case Joshua Kinard
2017-11-13  3:48               ` Gordon Pettey
2017-11-13  4:28                 ` Joshua Kinard
2017-11-13  7:37               ` Michał Górny
2017-10-21  2:01 ` [gentoo-dev] Manifest2 hashes, take n+1-th Jason A. Donenfeld
2017-10-21  7:09   ` Michał Górny
2017-10-21  2:08 ` Chí-Thanh Christopher Nguyễn
2017-10-21  7:09   ` Michał Górny
2017-11-06 16:58 ` Michał Górny
2017-11-06 19:13   ` Robin H. Johnson
2017-11-06 19:25     ` Mike Gilbert
2017-11-06 19:36     ` Michał Górny
  -- strict thread matches above, loose matches on Subject: below --
2017-11-15 16:28 [gentoo-dev] manifest-hashes changing to 'BLAKE2B SHA512' on 2017-11-21 Michał Górny
2017-11-15 17:47 ` R0b0t1
2017-11-15 19:21   ` NP-Hardass
2017-11-15 20:21     ` William L. Thomson Jr.
2017-11-15 21:15       ` Rich Freeman
2017-11-15 22:10         ` William L. Thomson Jr.
     [not found]         ` <20171115171011.07ffd30a@wlt.obsidian-studios.com>
2017-11-15 22:19           ` William L. Thomson Jr.
2017-11-15 20:14   ` William L. Thomson Jr.
2017-11-15 19:25 ` Nils Freydank
2017-11-15 22:56 ` Michał Górny
2017-11-21 18:21 ` Michał Górny

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171020145541.20ff92da@pc1 \
    --to=hanno@gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox