Changes between Initial Version and Version 1 of Ticket #63885, comment 9


Ignore:
Timestamp:
Nov 10, 2021, 8:26:46 PM (3 years ago)
Author:
pmetzger (Perry E. Metzger)
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #63885, comment 9

    initial v1  
    22> We use two algorithms so that a compromise of one algorithm does not compromise the integrity of the files.
    33
    4 I think the probability of a high quality exploit that occurs without prior warning against any of the modern hash algorithms is quite low. That said, SHA-3 or BLAKE2/BLAKE3 are good options as I said.
     4I think the probability of a high quality exploit that occurs without prior warning against any of the modern hash algorithms is quite low. That said, SHA-3 or BLAKE2/BLAKE3 are good options as I mentioned. I'd personally pick SHA3.
    55
    66We should also systematically get rid of reliance on MD5 (people with inexpensive machines can fake that at this point) and SHA1 (people with expensive machines can fake that at this point.)