1 |
On Sat, 2021-07-24 at 17:15 -0400, Joshua Kinard wrote: |
2 |
> On 7/24/2021 11:16, Michał Górny wrote: |
3 |
> > Hi, everyone. |
4 |
> > |
5 |
> > I've been asked to repost the idea of removing SHA512 hash from |
6 |
> > Manifests, effectively limiting them to BLAKE2B. |
7 |
> > |
8 |
> > The 'old' set of Gentoo hashes including SHA512 went live in July 2012. |
9 |
> > In November 2017, we have decided to remove the two other hashes and add |
10 |
> > BLAKE2B in their stead. Today, all Gentoo packages are using BLAKE2B |
11 |
> > and SHA512 hashes. |
12 |
> > |
13 |
> > To all extent, this is purely a cosmetic change. The benefit from |
14 |
> > removing the additional hash is negligible, both from space perspective |
15 |
> > and hashing speed perspective. The benefit from keeping two hashes is |
16 |
> > also negligible. |
17 |
> > |
18 |
> > Back during the 2017 discussion, Infra came to the conclusion that we're |
19 |
> > going to keep SHA512 for a transition period, then remove it, and stay |
20 |
> > with a single hash algorithm. In my opinion, we have kept it long |
21 |
> > enough. |
22 |
> > |
23 |
> > WDYT? |
24 |
> |
25 |
> Are there any security benefits/consequences of keeping two/one? If no to |
26 |
> consequences, then I don't see a problem dropping SHA512. |
27 |
|
28 |
To the best of my knowledge, the consequences are negligible. |
29 |
|
30 |
> And are we looking at BLAKE3 hash support at all for the future? I know |
31 |
> that algo is fairly new (Jan 2020). A quick read indicates it merges a |
32 |
> number of the BLAKE2 variants together and is faster in some areas of execution. |
33 |
|
34 |
Not at the moment. I see they've eventually made a C implementation, so |
35 |
maybe it's worth looking into. OTOH we may want to wait till it's part |
36 |
of CPython, or at least has C-based Python bindings. |
37 |
|
38 |
-- |
39 |
Best regards, |
40 |
Michał Górny |