From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 4C02F1396D9 for ; Thu, 19 Oct 2017 22:50:35 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D43682BC0A1; Thu, 19 Oct 2017 22:50:29 +0000 (UTC) Received: from mail-ua0-x244.google.com (mail-ua0-x244.google.com [IPv6:2607:f8b0:400c:c08::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8385D2BC006 for ; Thu, 19 Oct 2017 22:50:29 +0000 (UTC) Received: by mail-ua0-x244.google.com with SMTP id v27so7111533uav.7 for ; Thu, 19 Oct 2017 15:50:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=PvBaAHYg3UB/Qx8lYKrnBcLarfNi6ts/vBugVspUuYw=; b=jS/mZH5UvykN+uXWq3qVAoYfFwIb6954vGC4KOlLGyQpZ1aYFs2+W7yd4yyBGvHusA QUHG1+4sh5DwWstCFOXQeYjQ6D+xaEeddj/YW1epWLn56FJgzfErwbetKOx8ad5pO28g xefylI0TggAK9OsadCgfQvqlpFP04nF9uJ0EoSOL0I/tJS+t+jqt6PkrEaVyEmxxPjQ5 vxb/IjEnk3XQnVJyb0i4xOgLdrTKL3++ilIEyX2Lr0ifpK4l70oFuxb2eLKPD1yto5hY hjKeDaVBz8YtqcAEjIXD+gSnmpfm1yOsiKIe7N8zUZMuSZODGw+AyKNvXcrsa8OeQ2Y0 7oHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=PvBaAHYg3UB/Qx8lYKrnBcLarfNi6ts/vBugVspUuYw=; b=fHpqtKAJHMqXqP4PtGRZXFmfIq2/bFU8OS/1PmuZabLw0rWceMbYOM10nqEq3e/shS JVXs6E97Fz4MSrIDNVugJud5OkOUrTM6SGfjImzuAXf+v9lzi95C6K3hL5Fr2zBRuUs6 7Cd+ZP8VtMGgBwEL0I15xHxuTg+QrTqkfenuRoGMpyWbhjaJey9P66dZqNQk3QwYxiCQ c3njOiJgdhl0sS2VUWhNEqg5aZhbhu3ouZK3xzTBsn4rqW+NniknnKzo2dnq5URyPhBt 07LVcRM9Tn+nBRKR2a0TE+kwHqbq76rgVGIN1jpv0fVprIUOMpqfJ0cRN9GB/vRqmUOr yAYw== X-Gm-Message-State: AMCzsaUwapUHIRAcnU3+KofApQfF89GgVBcmqk7KAIZDi/xTVmOK66kh 9cpA1s1vrGr2Ylq5A8gd+i398NnzaJowVhuBHtswOA== X-Google-Smtp-Source: ABhQp+R6gIplWV28OaKFOm6Jadu7pp2/YNZnoPl/lyayGZ1iMgZg3MUrdo+vh54A8ERCywFm3jFAwDcGJk7BFjoptUc= X-Received: by 10.176.95.213 with SMTP id g21mr2643298uaj.124.1508453428177; Thu, 19 Oct 2017 15:50:28 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Received: by 10.159.61.24 with HTTP; Thu, 19 Oct 2017 15:49:47 -0700 (PDT) In-Reply-To: <20171020003258.7ad4695b@pc1> References: <1508440120.19870.14.camel@gentoo.org> <20171020003258.7ad4695b@pc1> From: Gordon Pettey Date: Thu, 19 Oct 2017 17:49:47 -0500 Message-ID: Subject: Re: [gentoo-dev] Manifest2 hashes, take n+1-th To: gentoo-dev@lists.gentoo.org Content-Type: multipart/alternative; boundary="089e08205760bf2fef055bee2e1e" X-Archives-Salt: 4603ebda-56a0-4183-bcfe-7ece9a717d74 X-Archives-Hash: 232ad73fbd062b3c6b8dd1361b8a8874 --089e08205760bf2fef055bee2e1e Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, Oct 19, 2017 at 5:32 PM, Hanno B=C3=B6ck wrote: > On Thu, 19 Oct 2017 21:08:40 +0200 > Micha=C5=82 G=C3=B3rny wrote: > > > manifest-hashes =3D SHA512 SHA3_512 > > Counterproposal: Just use SHA512. > > There isn't any evidence that any SHA2-based hash algorithm is going to > be broken any time soon. If that changes there will very likely be > decades of warning before a break becomes practical. > > Having just one hash is simpler and using a well supported one like > SHA512 may make things easier than using something that's still not > very widely supported. Yet having more than one lets you match make sure nobody hijacked your manifest file when an attack vector is inevitably discovered for the old new algorithm (whether SHA2, SHA3, or BLAKE2), because you'll be able to confirm the file is the same one that matched the old checksum in addition to the new one. --089e08205760bf2fef055bee2e1e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On T= hu, Oct 19, 2017 at 5:32 PM, Hanno B=C3=B6ck <hanno@gentoo.org> wrote:
On Thu, 19 Oct 2017 21:08:40 += 0200
Micha=C5=82 G=C3=B3rny <mgorny@gent= oo.org> wrote:

>=C2=A0 =C2=A0manifest-hashes =3D SHA512 SHA3_512

Counterproposal: Just use SHA512.

There isn't any evidence that any SHA2-based hash algorithm is going to=
be broken any time soon. If that changes there will very likely be
decades of warning before a break becomes practical.

Having just one hash is simpler and using a well supported one like
SHA512 may make things easier than using something that's still not
very widely supported.

Yet having more than= one lets you match make sure nobody hijacked your manifest file when an at= tack vector is inevitably discovered for the old new algorithm (whether SHA= 2, SHA3, or BLAKE2), because you'll be able to confirm the file is the = same one that matched the old checksum in addition to the new one.
--089e08205760bf2fef055bee2e1e--