I believe you will never encounter an accidental MD5 collision in the way that SCons uses it. [1] All of the MD5 collisions being publicized are intentional; leveraging a chosen-prefix attack. Does SCons really care to address the case where someone is intentionally generating collisions? I imagine not.
MD5 is still the fastest general-purpose hashing algorithm [2]. So I so reason for SCons to worry about changing hash algorithms. Jonathon Reinhart [1]: https://stackoverflow.com/a/937798/119527 [2]: https://stackoverflow.com/a/2723941/119527 On Thu, Oct 26, 2017 at 7:58 AM, Russel Winder <rus...@winder.org.uk> wrote: > I may just be out of date: is SCons using MD5 for hashing? > > Clearly SCons is not that interested in security or true persistence > level hashing, but given the issue of clashing might MD5 now not be > useful? > > -- > Russel. > ============================================================ > ================= > Dr Russel Winder t: +44 20 7585 2200 voip: > sip:russel.win...@ekiga.net > 41 Buckmaster Road m: +44 7770 465 077 xmpp: rus...@winder.org.uk > London SW11 1EN, UK w: www.russel.org.uk skype: russel_winder > _______________________________________________ > Scons-dev mailing list > Scons-dev@scons.org > https://pairlist2.pair.net/mailman/listinfo/scons-dev > >
_______________________________________________ Scons-dev mailing list Scons-dev@scons.org https://pairlist2.pair.net/mailman/listinfo/scons-dev