Date: Wed, 09 Mar 2005 21:57:20 +0100
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
To: Colin Percival <cperciva@FreeBSD.org>
Cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/lib/libmd Makefile sha256.3 sha256.h sha256c.c shadriver.c src/sbin/md5 Makefile md5.c
Message-ID: <3213.1110401840@critter.freebsd.dk>
In-Reply-To: Your message of "Wed, 09 Mar 2005 12:33:24 PST." <422F5D94.4030702@freebsd.org>

In message <422F5D94.4030702@freebsd.org>, Colin Percival writes:

>My personal feeling is that sha(384|512) are overkill on the side of
>hash length and probably underkill on the side of design (considering
>that they have the same basic design which has been repeatedly shown
>to be vulnerable to the Chinese attack) anyway -- we really need an
>AES-like process for selecting a new hash standard.

As far as I can tell from the phk-bashing on that cryptographer list,
SHA is the current king for the lack of something better.

I will add my voice to the chorus who pine for us to have one single
copy of things like hashes and encryption.

And by "one single copy" I mean one shared between kernel and userland.

Since all these functions are really just memcpy() overdosed on LSD,
I can't see _any_ reason why the kernel and userland would need
different versions, much less why different pieces of the kernel
or userland would.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3213.1110401840>