On Sun, Apr 17, 2005 at 03:35:17PM -0700, Linus Torvalds wrote:
>
> Quite the reverse. Again, you bring up totally theoretical arguments. In
> _practice_ it has indeed been shown that using two hashes _does_ catch
> hash collisions.
>
> The trivial example is using md5 sums with a length. The "length" is a
> really bad "hash" of the file contents too. And the fact is, that simple
> combination of hashes has proven to be more resistant to attack than the
> hash itself. It clearly _does_ make a difference in practice.

I wasn't disputing that of course. However, the same effect can be
achieved by using a single hash with a bigger length, e.g., sha256
or sha512.

> So _please_, can we drop the obviously bogus "in theory" arguments. They
> do not matter. What matters is practice.

I agree. However, what is the actual cost in practice of detecting
collisions?

I get the feeling that it isn't that bad. For example, if we did it
at the points where the blobs actually entered the tree, then the cost
is always proportional to the change size (the number of new blobs).

Is this really that bad considering that the average blob isn't very
big?

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu 许志壬 <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
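
The check discussed in this message (comparing contents when a blob enters the store under an id that already exists), as an added example that is not part of the original mail and is not git's code. `BlobStore`, `CollisionError`, `find_collision` and the 2-byte truncated SHA-1 are assumptions chosen so that a collision can be constructed quickly; the length test is the cheap second "hash" from the quoted text.

```python
import hashlib

class CollisionError(Exception):
    """Raised when two different blobs map to the same object id."""

class BlobStore:
    """Toy content-addressed store (hypothetical, not git's object database)."""
    def __init__(self, digest_bytes=20):
        self.digest_bytes = digest_bytes  # 20 = full SHA-1; smaller = weakened
        self.objects = {}                 # object id -> blob contents
        self.bytes_compared = 0           # cost spent on collision checks

    def object_id(self, data):
        return hashlib.sha1(data).digest()[:self.digest_bytes].hex()

    def add(self, data):
        """Store a blob as it enters the tree; verify contents on an id match."""
        oid = self.object_id(data)
        existing = self.objects.get(oid)
        if existing is None:
            self.objects[oid] = data
            return oid
        # Length is the cheap second "hash" from the quoted text: check it first.
        if len(existing) != len(data):
            raise CollisionError(oid)
        self.bytes_compared += len(data)  # only blobs being written are compared
        if existing != data:
            raise CollisionError(oid)
        return oid

def find_collision(store):
    """Brute-force two distinct constructed blobs with the same object id."""
    seen = {}
    i = 0
    while True:
        data = b"blob-%06d" % i           # constructed sample input
        oid = store.object_id(data)
        if oid in seen:
            return seen[oid], data
        seen[oid] = data
        i += 1

if __name__ == "__main__":
    weak = BlobStore(digest_bytes=2)      # constructed weak hash so a collision exists
    a, b = find_collision(weak)
    weak.add(a)
    try:
        weak.add(b)
    except CollisionError as err:
        print("collision detected on id", err)
```

The comparison only runs for blobs being written whose id is already present, so the extra work is bounded by the size of the change rather than the size of the store.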