From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 02BA01396D9 for ; Wed, 8 Nov 2017 19:01:45 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 55A8BE0F15; Wed, 8 Nov 2017 19:01:40 +0000 (UTC) Received: from mail-yw0-x22d.google.com (mail-yw0-x22d.google.com [IPv6:2607:f8b0:4002:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 0215CE0F06 for ; Wed, 8 Nov 2017 19:01:39 +0000 (UTC) Received: by mail-yw0-x22d.google.com with SMTP id u142so3198319ywg.4 for ; Wed, 08 Nov 2017 11:01:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-transfer-encoding; bh=v4GolG+LUatpeTRmXkXMYxqk2Pzy+ms/4ufGXG57Ank=; b=MBctqDqUz4Ssi3HmtYbA1PYZJhtfIKeuaKkof68RWgPe8aTiBmWin7vcmNmaw/NDv8 LQD5swFnZ0cGCNHhx+PJ7S60Xao8CoCFIMLMtq2iOrmkBqvec0+Hm19XbgYlt03YuYcM N5cJ06Er3Sjwsbo2wzIPn5jglDbE//S8gESAWEQwwJm3dTTBKK209BBSIXZebWwzv4l2 kk3dRBocj05BZT8ohs21XiIUW6IE8msy7ACFpBMH6n7bFIbvv+kTGfrHLnKqXn+O0kN5 WlK9Ngsb2tinud5CJq7h3Z1KQlHQq9YPq6PxnSgneLMySsAyQZ8Yvwdnv0R/kjTCKBZd DQcQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:content-transfer-encoding; bh=v4GolG+LUatpeTRmXkXMYxqk2Pzy+ms/4ufGXG57Ank=; b=cEZOx/Pixtwcs8aV2uQ5NGMOW4j6Xwh3ar+KGQEd+B48WKhgRbK9H6G+pfpidBrsJ7 FN5gJjnMUbpgwqa3DD5/BRT8NWdzEk0cC7ssFgMKyaEZdvOjkZ59ty3b3L+yFjVymsqD 75OLWbQTp/YUWLoNNl7EWNfyzvZZqSx/1Zd9jupbwO4XS1MtLKgtbGC0D7IfHvlgMWg+ QN+2br2kL6CqdJRRGaVuT3laDJaKceELA/W5E217q5lmfgbXsnhQNGnETZfoEvtS/nKS g+S8W91n45yJuTXX4+l+iR2L/iU60fd4Ht67FFYx4Uz3mkG5oW3UjblmQBbF2JVVVpLk n1Mw== X-Gm-Message-State: AJaThX6ayptkO6/NcQExGlQDGVibFZfu8JLaL6OZaQavuHRpTKKU/hoF /MjOBOMFm8HZY2FSZV7Yoj65A9XVafyHpndbhj0= X-Google-Smtp-Source: ABhQp+RgblKLFk8DBwdWo/a0NiMZ1d42uYecS+NwjXEirNLiK92V4xlnrkukmD+e4yPv0TxAzYR7bLY+ABX5y1yrgSg= X-Received: by 10.129.52.194 with SMTP id b185mr1060119ywa.265.1510167698837; Wed, 08 Nov 2017 11:01:38 -0800 (PST) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Received: by 10.129.153.84 with HTTP; Wed, 8 Nov 2017 11:01:37 -0800 (PST) In-Reply-To: <20171021195011.55b3ce6b@pc1> References: <1508440120.19870.14.camel@gentoo.org> <20171021195011.55b3ce6b@pc1> From: R0b0t1 Date: Wed, 8 Nov 2017 13:01:37 -0600 Message-ID: Subject: Re: [gentoo-dev] Manifest2 hashes, take n+1-th To: gentoo-dev@lists.gentoo.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 488e2a77-9940-49ed-b779-f11207588728 X-Archives-Hash: efe1758b964c22f8357f797c82e1ecb4 My apologies, I forgot to address something: On Sat, Oct 21, 2017 at 12:50 PM, Hanno B=C3=B6ck wrote: > On Sat, 21 Oct 2017 12:12:44 -0500 > R0b0t1 wrote: > >> That is precisely why I didn't suggest it be used on its own (see note >> about extant use of MD5), and why I gave alternatives. If it is >> desired that the hashes be computed quickly then weaker hashes will >> need to be used. One usually can't have both security and speed. > > You can have that. Blake2 is faster than any broken legacy hash. > And ripemd isn't particularly fast > Fair enough, but it is new and may have security problems related to its operation that have not been found. This is hard to reason about, but I would note that many cryptographic standards are fairly conservative for similar reasons. Ease of computation reduces security. Respectfully, R0b0t1