From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 843601396D9 for ; Fri, 20 Oct 2017 09:31:53 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 8F42A2BC026; Fri, 20 Oct 2017 09:31:48 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 444EF2BC006 for ; Fri, 20 Oct 2017 09:31:48 +0000 (UTC) Received: from mail-wm0-f53.google.com (mail-wm0-f53.google.com [74.125.82.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: djc) by smtp.gentoo.org (Postfix) with ESMTPSA id F229B33BF44 for ; Fri, 20 Oct 2017 09:31:46 +0000 (UTC) Received: by mail-wm0-f53.google.com with SMTP id f4so21225215wme.0 for ; Fri, 20 Oct 2017 02:31:46 -0700 (PDT) X-Gm-Message-State: AMCzsaXK0V1SNlmjfya3A/zXqcvppPJ4LkfAJRJSdTOBpevzezWAptA+ 8ZlJGS7hLPnJTEvDNBZJsrJpqGeadvw0yk+PL6k= X-Google-Smtp-Source: ABhQp+QoqzG4LNJhmanGaes9XnJEv+nyGjxy90Ir/7TwZ/WHl60OJq50WRKJCEd/NQgd7L1aN0lnmx7hrh3DRj+i+ec= X-Received: by 10.28.234.197 with SMTP id g66mr974657wmi.76.1508491904136; Fri, 20 Oct 2017 02:31:44 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Received: by 10.28.98.86 with HTTP; Fri, 20 Oct 2017 02:31:23 -0700 (PDT) In-Reply-To: <23017.49274.836794.894102@a1i15.kph.uni-mainz.de> References: <1508440120.19870.14.camel@gentoo.org> <20171020003258.7ad4695b@pc1> <23017.49274.836794.894102@a1i15.kph.uni-mainz.de> From: Dirkjan Ochtman Date: Fri, 20 Oct 2017 11:31:23 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [gentoo-dev] Manifest2 hashes, take n+1-th To: Gentoo Development Content-Type: multipart/alternative; boundary="001a11477abc17be2b055bf72415" X-Archives-Salt: 57bf5359-46af-47e1-8c3a-9d10d7c55336 X-Archives-Hash: f0b154ad2b1982ff8dd5da10e3cbf4d2 --001a11477abc17be2b055bf72415 Content-Type: text/plain; charset="UTF-8" On Fri, Oct 20, 2017 at 11:23 AM, Ulrich Mueller wrote: > >>>>> On Fri, 20 Oct 2017, Dirkjan Ochtman wrote: > > > As Hanno was saying, we'll have decades of warning before a break > > becomes practical, so I don't think this is a real concern. > > How can we be sure of that? I guess the same reasoning was applied > when MD5 and SHA1 hashes were used. > Yeah, and it actually did happen that way. Typically before preimage attacks (which are what we really care about here, as far as I understand it) happen there are several other types of attacks that will happen first, and that will provide advance warning about the level of security provided by SHA2. Cheers, Dirkjan --001a11477abc17be2b055bf72415 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On Fri, Oct 20, 2017 at 11:23 AM, Ulrich Mueller <ulm@gentoo= .org> wrote:
>>>>&g= t; On Fri, 20 Oct 2017, Dirkjan Ochtman wrote:

> As Hanno was saying, we'll have decades of warning before a break<= br> > becomes practical, so I don't think this is a real concern.

How can we be sure of that? I guess the same reasoning was applied when MD5 and SHA1 hashes were used.

Yeah, and it actua= lly did happen that way. Typically before preimage attacks (which are what = we really care about here, as far as I understand it) happen there are seve= ral other types of attacks that will happen first, and that will provide ad= vance warning about the level of security provided by SHA2.

<= /div>
Cheers,

Dirkjan
--001a11477abc17be2b055bf72415--