1 |
On Fri, Oct 20, 2017 at 5:42 PM, Anton Molyboha <anton.stay.connected@gmail. |
2 |
com> wrote: |
3 |
|
4 |
> On Thu, Oct 19, 2017 at 6:49 PM, Gordon Pettey <petteyg359@×××××.com> |
5 |
> wrote: |
6 |
> |
7 |
>> On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck <hanno@g.o> wrote: |
8 |
>> |
9 |
>>> On Thu, 19 Oct 2017 21:08:40 +0200 |
10 |
>>> Michał Górny <mgorny@g.o> wrote: |
11 |
>>> |
12 |
>>> > manifest-hashes = SHA512 SHA3_512 |
13 |
>>> |
14 |
>>> Counterproposal: Just use SHA512. |
15 |
>>> |
16 |
>>> There isn't any evidence that any SHA2-based hash algorithm is going to |
17 |
>>> be broken any time soon. If that changes there will very likely be |
18 |
>>> decades of warning before a break becomes practical. |
19 |
>>> |
20 |
>>> Having just one hash is simpler and using a well supported one like |
21 |
>>> SHA512 may make things easier than using something that's still not |
22 |
>>> very widely supported. |
23 |
>> |
24 |
>> |
25 |
>> Yet having more than one lets you match make sure nobody hijacked your |
26 |
>> manifest file when an attack vector is inevitably discovered for the old |
27 |
>> new algorithm (whether SHA2, SHA3, or BLAKE2), because you'll be able to |
28 |
>> confirm the file is the same one that matched the old checksum in addition |
29 |
>> to the new one. |
30 |
>> |
31 |
> |
32 |
> Would it make sense then to support several hashes but let the user |
33 |
> optionally turn off the verification of some of them, depending on the |
34 |
> user's security vs performance requirements? |
35 |
> |
36 |
I would strongly question whether anybody is actually running emerge (or |
37 |
whatever command that would be using the manifests) on systems that don't |
38 |
have the CPU power to check a few hashes. If the CPU is really that weak, |
39 |
there are likely much more important issues to deal with than what |
40 |
combination of hashing algorithms manifests use. Things like "I should be |
41 |
using pre-built system images because my CPU is orders of magnitude to even |
42 |
do dependency tree calculation in less than a decade"... |