"Neal H. Walfield" <n...@walfield.org> writes:
> I'm not that familiar with Nettle's API, so I don't know if the
> following is sufficiently idiomatic.
>
> That said, we could do the following: we could add a flag to the sha1
> context to indicate to the update function that it should try to
> detect collision attempts, we could add a few ifs to the update
> function to do the checks, and we could add a second function to
> return whether a collision was detected:
>
> void sha1_check_for_collisions(struct sha1_ctx *ctx);
> int sha1_detected_collision(struct sha1_ctx *ctx);
>
> What do you think?
I think hashing should be fallible. If a collision attack is detected, no
digest should be produced, because the digest has none of the properties
that we usually associate with a hash digest.

If we come up with a new API anyway, we should make all hash functions
fallible, because sooner or later, any algorithm may fall.

Cheers,
Justus
_______________________________________________
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs