Dear OpenSSL folks: I'm one of the authors of the BLAKE2 hash function (https://blake2.net). I've been working with the maintainers of GNU coreutils to make a tool named "b2sum", which I hope will eventually replace md5sum.
md5sum is the most widely-used tool in the world for data integrity but, as you know, MD5 is weak in ways that could endanger the users of md5sum, depending on how they use it. I want to see md5sum phased out entirely in our lifetimes! BLAKE2 is a secure hash function, while being faster than MD5 (at least on 64-bit CPUs). BLAKE2 is being used in new software projects (https://blake2.net/#us) and there is recently an Internet Draft to specify it (https://datatracker.ietf.org/doc/draft-saarinen-blake2/?include_text=1). One of the coreutils maintainers suggested that we should ask OpenSSL to add BLAKE2, because coreutils itself will probably just use a portable C implementation, but it would use an optimized implementation if openssl provided it. Here's that thread: http://lists.gnu.org/archive/html/coreutils/2015-06/msg00011.html We, the BLAKE2 maintainers, offer both reference C code and optimized implementations: https://blake2.net/#dl . There are also other implementations with various virtues available: https://blake2.net/#sw Here's my blog post extolling the virtues of BLAKE2 as a high-performance hash function: https://leastauthority.com/blog/BLAKE2-harder-better-faster-stronger-than-MD5.html Regards, Zooko _______________________________________________ openssl-bugs-mod mailing list [email protected] https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
