1 |
On Saturday 19 November 2005 15:44, Ciaran McCreesh wrote: |
2 |
> On Fri, 18 Nov 2005 22:01:27 -0800 "Robin H. Johnson" |
3 |
> <robbat2@g.o> wrote: |
4 |
> | First, the blatantly obvious, for the benefit of same developers, even |
5 |
> | though it's not relevant to signing. It is still a weak-point and does |
6 |
> | need to be addressed. Multiple-hashes! |
7 |
> |
8 |
> There is no proof that multiple hashes gives you any security beyond |
9 |
> the strength of the single most secure hash algorithm. If you have two |
10 |
> signatures, one of which gives you an effective strength of 100 bits |
11 |
> and the other of which gives you an effective strength of 80 bits, the |
12 |
> overall effective strength is not 180 bits. |
13 |
> |
14 |
> See, this is why you need to be careful. Some things that you'd think |
15 |
> were 'obvious' probably aren't actually true... |
16 |
|
17 |
While there is no mathematical proof (as of yet), it is possible to generate |
18 |
md5s that match while the sha1s don't. If that goes the other way around as |
19 |
well (sha1s match but md5s don't) there's definitely an improved strength |
20 |
however slight it may be... But yes, if there's any at all it is only slight. |
21 |
|
22 |
-- |
23 |
Jason Stubbs |
24 |
-- |
25 |
gentoo-portage-dev@g.o mailing list |