| 1 |
On 24/10/2017 06:11, Michał Górny wrote: |
| 2 |
> W dniu wto, 24.10.2017 o godzinie 06∶04 +0200, użytkownik Michał Górny |
| 3 |
> napisał: |
| 4 |
>> Three hashes don't give any noticeable advantage. If we want a diverse |
| 5 |
>> construct, we take SHA3. SHA3 is slower than SHA2 + BLAKE2 combined, so |
| 6 |
>> even with 3 threaded computation it's going to be slower. |
| 7 |
> |
| 8 |
> Oh, and most notably, the speed loss will be mostly visible to users. |
| 9 |
> An attacker would have to compute the additional hashes only |
| 10 |
> if the fastest hash already matched, i.e. rarely. Users will have to |
| 11 |
> compute them all the time. |
| 12 |
|
| 13 |
I'm surprised to see bikeshedding about this, where the performance |
| 14 |
argument was shown to be speculative. |
| 15 |
|
| 16 |
Consider clarifying what's the goal of this thread. |
| 17 |
|
| 18 |
It seemed like a relatively obvious cleanup / modernizing the set of |
| 19 |
hash functions, and I'd still be supportive of that. |
| 20 |
|
| 21 |
Paweł |
Archives