On 20 October 2010 17:44, Justin Lebar <justin.le...@gmail.com> wrote:
> My cryptographically-inclined friend suggested we use a universal hash
> function or something a bit stronger, such as VHASH.
> These functions take a "key", which we could choose at random and fix
> in the code.
> VHASH outputs 64-bit digests with collision probability 2^61, so in
> expectation you'd need to hash 2^30 files before you saw a collision.
> If that wasn't good enough, we could compute two VHASH digests with
> different keys and concatenate them.

Is VHASH expected to be faster than MD4?  I don't think adding more
strength will help with anything.  The odds of an accidental MD4
collision are low, and I don't know of any attack by which being able
to predict or produce ccache collisions accomplishes anything for the
attacker.  (If they can write to the cache you have bigger problems.)

ccache mailing list

Reply via email to