| 1 |
On Sat, Oct 21, 2017 at 11:26 AM, Robin H. Johnson <robbat2@g.o> wrote: |
| 2 |
> On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote: |
| 3 |
>> I would like to present my suggestions: |
| 4 |
>> |
| 5 |
>> SHA512, (RIPEMD160 | WHIRLPOOL | BLAKE2B), (SHA3_512 | BLAKE2B); |
| 6 |
>> |
| 7 |
>> or more definitively: |
| 8 |
>> |
| 9 |
>> SHA512, RIPEMD160, BLAKE2B. |
| 10 |
> Please do NOT reintroduce RIPEMD160. It was one of the older Portage |
| 11 |
> hashes prior to implementation of GLEP059, and was removed because it |
| 12 |
> was shown to fall to parts of the same attacks at MD4/MD5 by Wang's |
| 13 |
> paper in 2004. |
| 14 |
> |
| 15 |
> Wang, X. et al. (2004). "Collisions for Hash Functions MD4, MD5, |
| 16 |
> HAVAL-128 and RIPEMD", rump session, CRYPTO 2004, Cryptology ePrint |
| 17 |
> Archive, Report 2004/199, first version (August 16, 2004), second |
| 18 |
> version (August 17, 2004). Available online from: |
| 19 |
> http://eprint.iacr.org/2004/199.pdf |
| 20 |
> |
| 21 |
|
| 22 |
That is precisely why I didn't suggest it be used on its own (see note |
| 23 |
about extant use of MD5), and why I gave alternatives. If it is |
| 24 |
desired that the hashes be computed quickly then weaker hashes will |
| 25 |
need to be used. One usually can't have both security and speed. |
| 26 |
|
| 27 |
Can anyone defend the transition to two hashes, or is it just based on |
| 28 |
speculation? |
| 29 |
|
| 30 |
People are discussing collision resistance, but no one here appears to |
| 31 |
be trained in cryptography. The only reasonable solution in that case |
| 32 |
is not to rely on the particular mostly unknowable merits of an |
| 33 |
algorithm, but the hardness of a successful collision of multiple |
| 34 |
functions at the same time. |
| 35 |
|
| 36 |
*If* collision resistance is important, and *if* no one here can |
| 37 |
evaluate any of the algorithms intensively by themselves, then *why* |
| 38 |
are two hashes going to be used instead of three? That is making the |
| 39 |
system much weaker than it was. |
Archives