On Fri, 2010-07-09 at 10:23 +1000, Peter Jeremy wrote:
> On 2010-Jul-09 06:46:54 +0800, Edward Ned Harvey <solar...@nedharvey.com>
> wrote:
> >md5 is significantly slower (but surprisingly not much slower) and it's a
> >cryptographic hash. Probably not necessary for your needs.
>
> As someone else has pointed out, MD5 is no longer considered secure
> (neither is SHA-1). If you want cryptographic hashing, you should
> probably use SHA-256 for now and be prepared to migrate to SHA-3 once
> it is announced. Unfortunately, SHA-256 is significantly slower than
> MD5 (about 4 times on a P-4, about 3 times on a SPARC-IV) and no
> cryptographic hash is amenable to multi-threading . The new crypto
> instructions on some of Intel's recent offerings may help performance
> (and it's likely that they will help more with SHA-3).
>
> >And one more thing. No matter how strong your hash is, unless your hash is
> >just as big as your file, collisions happen. Don't assume data is the same
> >just because hash is the same, if you care about your data. Always
> >byte-level verify every block or file whose hash matches some other hash.
>
> In theory, collisions happen. In practice, given a cryptographic hash,
> if you can find two different blocks or files that produce the same
> output, please publicise it widely as you have broken that hash function.
Not necessarily. While you *should* publicize it widely, given all the
possible text that we have, and all the other variants, its
theoretically possibly to get likely. Like winning a lottery where
everyone else has a million tickets, but you only have one.
Such an occurrence -- if isolated -- would not, IMO, constitute a
'breaking' of the hash function.
- Garrett
>
> _______________________________________________
> zfs-discuss mailing list
> zfs-discuss@opensolaris.org
> http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
