Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 09 Mar 2005 12:33:24 -0800
From:      Colin Percival <cperciva@freebsd.org>
To:        Richard Coleman <rcoleman@criticalmagic.com>
Cc:        cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/lib/libmd Makefile sha256.3 sha256.h sha256c.c shadriver.c src/sbin/md5 Makefile md5.c
Message-ID:  <422F5D94.4030702@freebsd.org>
In-Reply-To: <422F5B36.5090400@criticalmagic.com>
References:  <200503091923.j29JN4Ti063868@repoman.freebsd.org> <422F50A6.907@criticalmagic.com> <422F55C6.3000207@freebsd.org> <422F5B36.5090400@criticalmagic.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Richard Coleman wrote:
> Colin Percival wrote:
>> As far as I could tell, we didn't have sha256 in the tree until I added
>> it.  As for md5 and sha1, it's useful to have a minimalist libmd for
>> applications which don't require the bloated monst^W^W^W OpenSSL, and
>> these are small enough that a bit of duplication really doesn't matter.
> 
> There are versions of sha256, sha384, and sha512 in sys/crypto/sha2.

*sigh*

Oh well, I think my version is cleaner anyway... :-)

> Just a random thought.  But I'm glad to see sha256 added to libmd
> anyways.  It may be useful to add sha384 and sha512 as well.

I considered that, but decided that since those hashes are designed
for 64 bit processors, they would be more trouble than they're worth.

My personal feeling is that sha(384|512) are overkill on the side of
hash length and probably underkill on the side of design (considering
that they have the same basic design which has been repeatedly shown
to be vulnerable to the Chinese attack) anyway -- we really need an
AES-like process for selecting a new hash standard.

Colin Percival



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?422F5D94.4030702>