[
https://issues.apache.org/jira/browse/AVRO-3777?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17864407#comment-17864407
]
Oscar Westra van Holthe - Kind commented on AVRO-3777:
------------------------------------------------------
Changing the hash function in the IPC code requires a new (major) Avro version,
as the protocol defines the use of MD5 in the handshake.
However, it should be noted that the hash is not used as a cryptographic hash,
but rather as a
[fingerprint|https://en.wikipedia.org/wiki/Fingerprint_(computing)]: when the
fingerprint is wrong, the protocol is sent to the client.
Now we could have used other, simpler and faster (non-cryptographic) hash
algorithms, but none are as ubiquitous as MD5. So this was the easy choice.
> Support configurable hashing algo in IPC protocol
> -------------------------------------------------
>
> Key: AVRO-3777
> URL: https://issues.apache.org/jira/browse/AVRO-3777
> Project: Apache Avro
> Issue Type: New Feature
> Components: java, python
> Reporter: GATIKRUSHNA SAHU
> Priority: Major
>
> In current implementation AVRO IPC used MD5 algorithm for severhash and
> clienthash .For security reason some os disable MD5 algorithm and allow SHA
> -256 .For same reason AVRO should support configurable algorithm instead only
> support MD5.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
