Hi,

In the documentation of md5sum and sha1sum we have a paragraph
mentioning that there are known collisions that make these algorithms
insecure.

How about listing algorithms currently considered secure for the
documentation of 'cksum -a'? I have attached a proposed patch.

I don't think there are any problems with SM3, but I can't find much
written in English about it. I have excluded it since my understanding
is that you would only use it if you were selling an enterprise
application in Chinese markets, for example. Python's cryptography
module says something along those lines too [1]:

    This hash should be used for compatibility purposes where required
    and is not otherwise recommended for use.

Collin

[1] https://cryptography.io/en/latest/hazmat/primitives/cryptographic-hashes/#cryptography.hazmat.primitives.hashes.SM3

>From 8a1c6e8d3cf5e7672685ec7e8a488f8737bdd90f Mon Sep 17 00:00:00 2001
Message-ID: <8a1c6e8d3cf5e7672685ec7e8a488f8737bdd90f.1763931550.git.collin.fu...@gmail.com>
From: Collin Funk <[email protected]>
Date: Sun, 23 Nov 2025 12:44:23 -0800
Subject: [PATCH] doc: cksum: document secure hash algorithms

* doc/coreutils.texi (cksum general options): Mention hash algorithms
that are currently considered secure against malicious tampering.
---
 doc/coreutils.texi | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/doc/coreutils.texi b/doc/coreutils.texi
index 214b21b56..5087e1834 100644
--- a/doc/coreutils.texi
+++ b/doc/coreutils.texi
@@ -4229,6 +4229,15 @@ @node cksum general options
 @samp{sm3}       only available through @command{cksum}
 @end example
 
+The following algorithms are considered secure against malicious
+tampering, i.e., there is no known way to modify a file to produce the
+same checksum:
+@example
+@samp{sha2}      equivalent to @command{sha@{224,256,384,512@}sum}
+@samp{sha3}      only available through @command{cksum}
+@samp{blake2b}   equivalent to @command{b2sum}
+@end example
+
 @item --base64
 @opindex --base64
 @cindex base64 checksum encoding
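
Review bot: the definition in the added paragraph, "there is no known way to modify a file to produce the same checksum", covers only modification of an existing file and not the case where someone prepares two different files with the same checksum in advance, which is the collision problem the cover letter cites for md5sum and sha1sum. Consider wording such as "there is no known way to create two files with the same checksum, or to modify a file without changing its checksum". Separately, @samp{sm3} is in the table directly above but absent from this list with no explanation, so a reader may infer it is considered broken; a short sentence stating why it is left out would avoid that reading.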
-- 
2.52.0
