On Mon, 18 Apr 2005, Herbert Xu wrote:
>
> Sorry, it has already been shown that combining two difference hashes
> doesn't necessarily provide the security that you would hope.
Sorry, that's not true.
Quite the reverse. Again, you bring up totally theoretical arguments. In
_practice_ it has indeed been shown that using two hashes _does_ catch
hash colissions.
The trivial example is using md5 sums with a length. The "length" is a
rally bad "hash" of the file contents too. And the fact is, that simple
combination of hashes has proven to be more resistant to attack than the
hash itself. It clearly _does_ make a difference in practice.
So _please_, can we drop the obviously bogus "in theory" arguments. They
do not matter. What matters is practice.
And the fact is, in _theory_ we don't know if somebody may be trivially
able to break any particular hash. But in practice we do know that it's
less likely that you can break a combination of two totally unrelated
hashes than you break one particular one.
NOTE! I'm not actually arguing that we should do that. I'm actually
arguing totally the reverse: I'm arguing that there is a fine line between
being "very very careful" and being "crazy to the point of being
incompetent".
Linus
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
