On Mon, Jul 29, 2013 at 04:33:11PM -0400, Donald Stufft wrote: > > Somewhat relevant to the question at hand: http://valerieaurora.org/hash.html
Heh heh. That page is cited in my note. My note is kind of a response to that page, showing that the history of pre-image attacks is completely different than the history of collision attacks. > (Yes it lists sha-2 as weakened, which it is. However sha-3 isn't widespread > enough for us :( ) There's no reason to worry about SHA-2. In my opinion, there's no particular reason to think that it will be made vulnerable to collisions within the next decade! By the way, I'm a co-author of a secure hash function -- BLAKE2: https://blake2.net/ The intent of BLAKE2 is to be as secure as SHA-3 but as fast as MD5. Not only is it as fast as MD5, but it also has an optional parallel mode that can go 4 or 8 times as fast as MD5 by using 4 or 8 CPU cores! It is currently being adopted for uses like data deduplication, archiving, and distributed filesystems, where the data can be large (terabytes or more), and the performance of the hash function is a bottleneck. I don't think Python packaging has such needs, and BLAKE2 is not a standard like SHA-2 and SHA-3, so I'm not pushing to add support for it. Regards, Zooko _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org http://mail.python.org/mailman/listinfo/distutils-sig
