From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-82470-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 067501396D9
	for <garchives@archives.gentoo.org>; Sat, 21 Oct 2017 17:50:25 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 868A5E0D12;
	Sat, 21 Oct 2017 17:50:20 +0000 (UTC)
Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 31CF7E0CBF
	for <gentoo-dev@lists.gentoo.org>; Sat, 21 Oct 2017 17:50:20 +0000 (UTC)
Received: from pc1 (0x3ec70978.osd.customer.dk.telia.net [62.199.9.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: hanno)
	by smtp.gentoo.org (Postfix) with ESMTPSA id D10E533BEB4
	for <gentoo-dev@lists.gentoo.org>; Sat, 21 Oct 2017 17:50:17 +0000 (UTC)
Date: Sat, 21 Oct 2017 19:50:11 +0200
From: Hanno =?UTF-8?B?QsO2Y2s=?= <hanno@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Manifest2 hashes, take n+1-th
Message-ID: <20171021195011.55b3ce6b@pc1>
In-Reply-To: <CAAD4mYj58-3pzLgNNeeodgRevcceH7Ufd=OvuRjMtcA+xbaNWw@mail.gmail.com>
References: <1508440120.19870.14.camel@gentoo.org>
	<CAAD4mYhkpzGKXxwZn-2arwj4NuU5U+fsWRkNw0uRRm6X_MKgfw@mail.gmail.com>
	<robbat2-20171021T162151-007393951Z@orbis-terrarum.net>
	<CAAD4mYj58-3pzLgNNeeodgRevcceH7Ufd=OvuRjMtcA+xbaNWw@mail.gmail.com>
X-Mailer: Claws Mail 3.15.1-dirty (GTK+ 2.24.31; x86_64-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 04790abc-0495-485f-a53f-56e58affb133
X-Archives-Hash: 8b04a0211cf713889774803bc29f44a1

On Sat, 21 Oct 2017 12:12:44 -0500
R0b0t1 <r030t1@gmail.com> wrote:

> That is precisely why I didn't suggest it be used on its own (see note
> about extant use of MD5), and why I gave alternatives. If it is
> desired that the hashes be computed quickly then weaker hashes will
> need to be used. One usually can't have both security and speed.

You can have that. Blake2 is faster than any broken legacy hash.
And ripemd isn't particularly fast

> People are discussing collision resistance, but no one here appears to
> be trained in cryptography.

For the record, I'd claim I am.

--=20
Hanno B=C3=B6ck
https://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42