Gentoo Archives: gentoo-dev

From: "Jason A. Donenfeld" <zx2c4@g.o>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] Re: proposal: use only one hash function in manifest files
Date: Tue, 05 Apr 2022 13:37:52
Message-Id: CAHmME9rtWkC55_X1dyu-D8CRzz6AbBMOr0PYi3T4CUad_dn26A@mail.gmail.com
In Reply to: [gentoo-dev] proposal: use only one hash function in manifest files by "Jason A. Donenfeld"
1 To move things forward with something more concrete:
2
3 On 4/5/22, Jason A. Donenfeld <zx2c4@g.o> wrote:
4 > Hi,
5 >
6 > I'd like to propose the following for portage:
7 >
8 > - Only support one "secure" hash function (such as sha2, sha3, blake2, etc)
9 > - Only generate and parse one hash function in Manifest files
10 > - Remove support for multiple hash functions
11 >
12 > [...]
13 > I don't really care which one we use, so long as it's not already
14 > broken or too obscure/new. So in other words, any one of SHA2-256,
15 > SHA2-512, SHA3, BLAKE2b, BLAKE2s would be fine with me. Can we just
16 > pick one and roll with it?
17
18 As you might have realized from my work on other projects, I like
19 BLAKE2 a lot. However, I think there are two strong reasons for going
20 with SHA512 exclusively here:
21
22 - GPG signatures are already over the SHA512 of the plain text, so
23 they security of the system already reduces to that. By choosing
24 SHA512, we don't add more risk, whilst choosing something else means
25 we're in trouble if either one has a problem.
26 - Other package managers use SHA512 in their recipes, so it makes it
27 easier to compare tarball checksums.
28
29 The principle advantage of BLAKE2b is 64-bit speed, but SHA512
30 performs okay enough in that regard anyway.
31
32 Therefore, to amend my proposal:
33
34 - Use SHA512 as the Manifest hash.
35
36 Any objections?
37
38 Jason

Replies