[Python-Dev] Re: PEP-376 and PEP-427 interpretation

2021-03-31 Thread Daniel Holth
I meant to exclude md5 and sha1, e.g. hash functions with known problems.
SHA224 would be a weird choice but it wouldn't personally offend me
otherwise. It would be fun to see how many wheel handlers support
non-sha256 hash functions.

On Mon, Mar 29, 2021 at 9:56 PM Theallredman via Python-Dev <
python-dev@python.org> wrote:

> Thank you.  I can't think of a compelling reason someone would want to
> choose SHA224 over SHA256 in the context of wheel generation.  It's just that
> the PEPs are usually pretty explicit and SHA224 seemed to be implicitly
> excluded from RECORD files.  And I'm considering the details of making a
> pretty pedantic wheel generation PEP517 backend.
>
> Eldon
>
> ‐‐‐ Original Message ‐‐‐
> On Monday, March 29, 2021 2:16 PM, Paul Moore  wrote:
>
> > On Mon, 29 Mar 2021 at 17:40, Theallredman via Python-Dev
> > python-dev@python.org wrote:
> >
> > > So going back to my actual question SHA224 is disallowed in record
> > > files because its bit length is less than 256?
> >
> > It doesn't look like it's ever been excluded. The only explicit
> > exclusions are MD5 and SHA1 as you point out. Do you have a particular
> > reason to want to use SHA224? Pretty much everyone is using SHA256, as
> > far as I know.
> >
> > Paul
>
>
___
Python-Dev mailing list -- python-dev@python.org
To unsubscribe send an email to python-dev-le...@python.org
https://mail.python.org/mailman3/lists/python-dev.python.org/
Message archived at 
https://mail.python.org/archives/list/python-dev@python.org/message/P4575PDTQCUYMYZVOSJPYGD3J5YKNCFY/
Code of Conduct: http://python.org/psf/codeofconduct/


[Python-Dev] Re: PEP-376 and PEP-427 interpretation

2021-03-29 Thread Theallredman via Python-Dev
Thank you.  I can't think of a compelling reason someone would want to choose 
SHA224 over SHA256 in the context of wheel generation.  It's just that the PEPs 
are usually pretty explicit and SHA224 seemed to be implicitly excluded from 
RECORD files.  And I'm considering the details of making a pretty pedantic 
wheel generation PEP517 backend.

Eldon

‐‐‐ Original Message ‐‐‐
On Monday, March 29, 2021 2:16 PM, Paul Moore  wrote:

> On Mon, 29 Mar 2021 at 17:40, Theallredman via Python-Dev
> python-dev@python.org wrote:
>
> > So going back to my actual question SHA224 is disallowed in record files 
> > because its bit length is less than 256?
>
> It doesn't look like it's ever been excluded. The only explicit
> exclusions are MD5 and SHA1 as you point out. Do you have a particular
> reason to want to use SHA224? Pretty much everyone is using SHA256, as
> far as I know.
>
> Paul




[Python-Dev] Re: PEP-376 and PEP-427 interpretation

2021-03-29 Thread Paul Bryan
I suggest that SHA224 does not qualify as "SHA256 or better".
Truncating any hash should not be considered equivalent or better.
Reductio ad absurdum: truncate to 128 bits, 16 bits, 8 bits, or 1 bit.

On Mon, 2021-03-29 at 08:15 +, Theallredman via Python-Dev wrote:
> No need to be condescending.  Trust me when I say I know the bit
> length relates to the collision resistance.  Also trust me when I say
> there are other dimensions upon which to consider one hash algo over
> another other than just collision resistance, such as power
> consumption, execution time, and whether or not the algorithm suffers
> from length extension attacks.
> 
> I'm assuming the reason MD5 and SHA1 were both disallowed was
> because they have been proven to have a collision resistance less
> than 1/2 their bit length.  But this is not the case for SHA224.  It
> is just a truncated version of SHA256 and thus the underlying
> algorithm is just as strong as SHA256 except that you can expect to
> find a collision in about 16 bits of work less.
> 
> So going back to my actual question SHA224 is disallowed in record
> files because its bit length is less than 256?



[Python-Dev] Re: PEP-376 and PEP-427 interpretation

2021-03-29 Thread Paul Moore
On Mon, 29 Mar 2021 at 17:40, Theallredman via Python-Dev
 wrote:
> So going back to my actual question SHA224 is disallowed in record files 
> because its bit length is less than 256?

It doesn't look like it's ever been excluded. The only explicit
exclusions are MD5 and SHA1 as you point out. Do you have a particular
reason to want to use SHA224? Pretty much everyone is using SHA256, as
far as I know.

Paul


[Python-Dev] Re: PEP-376 and PEP-427 interpretation

2021-03-29 Thread Theallredman via Python-Dev
No need to be condescending. Trust me when I say I know the bit length relates 
to the collision resistance. Also trust me when I say there are other 
dimensions upon which to consider one hash algo over another other than just 
collision resistance, such as power consumption, execution time, and whether or 
not the algorithm suffers from length extension attacks.

I'm assuming the reason MD5 and SHA1 were both disallowed was because they 
have been proven to have a collision resistance less than 1/2 their bit length. 
But this is not the case for SHA224. It is just a truncated version of SHA256 
and thus the underlying algorithm is just as strong as SHA256 except that you 
can expect to find a collision in about 16 bits of work less.

So going back to my actual question SHA224 is disallowed in record files 
because its bit length is less than 256?


[Python-Dev] Re: PEP-376 and PEP-427 interpretation

2021-03-26 Thread MRAB

On 2021-03-27 01:54, Theallredman via Python-Dev wrote:
> Forgive me if this isn't the correct venue for this question and I ask
> your help directing me to the correct place if it is not.
>
> In PEP-376 it states with respect to the valid hashes in a Wheel RECORD
> file:
>
> "The hash is either the empty string or the hash algorithm as named in
> hashlib.algorithms_guaranteed, followed by the equals character =,
> followed by the urlsafe-base64-nopad encoding of the digest
> (base64.urlsafe_b64encode(digest) with trailing = removed)."
>
> In PEP-427 it further restricts the valid hashes to omit md5 and sha1
> and says:
>
> "The hash algorithm must be sha256 or better; specifically, md5 and sha1
> are not permitted."
>
> Nowhere does it define on what dimension of a hash "better" should be
> considered.  From the context talking about the security of the algorithm
> I'd infer that "better" is with respect to collision resistance.  If so
> does that mean sha224 should also be excluded from wheel RECORD file hashes?

The "256" part refers to it generating a 256-bit signature, so a 
"better" one is one that generates a signature that's longer, e.g. 
"sha384" and "sha512".

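An added example, not code from the thread, the wheel project or either PEP, that builds and checks RECORD hash fields the way the PEP 376 text quoted in this thread describes them (algorithm name, "=", urlsafe-base64 digest with padding stripped) and enforces the one thing PEP 427 actually states, that md5 and sha1 are refused. Everything beyond that ("sha256 or better") is the disputed part, so it is an explicit, caller-supplied allowlist rather than a rule the code claims the PEPs contain. The sample file content, the path `pkg/__init__.py`, and the default allowlist are constructed for the example.

```python
import base64
import csv
import hashlib
import hmac
import io

# PEP 427 names only the exclusions: "md5 and sha1 are not permitted".
DENIED = frozenset({"md5", "sha1"})
# Which other members of hashlib.algorithms_guaranteed count as "sha256 or
# better" is what the thread argues about.  This allowlist is the example's
# own policy (an assumption), not something either PEP spells out; shake_*
# are left out because their output length is a call parameter, not a
# property of the algorithm name.
DEFAULT_ALLOWED = frozenset({"sha256", "sha384", "sha512"})

# Constructed sample file content; not taken from any real wheel.
SAMPLE = b"def hello():\n    return 'world'\n"


def _b64_nopad(digest: bytes) -> str:
    """urlsafe-base64 with the trailing '=' removed, as PEP 376 specifies."""
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def _b64_nopad_decode(text: str) -> bytes:
    """Inverse of _b64_nopad: restore the padding before decoding."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _check_algorithm(algorithm: str, allowed: frozenset) -> None:
    """Raise ValueError unless `algorithm` passes PEP 427 plus local policy."""
    if algorithm in DENIED:
        raise ValueError(f"{algorithm!r} is explicitly forbidden by PEP 427")
    if algorithm not in hashlib.algorithms_guaranteed:
        raise ValueError(f"{algorithm!r} is not in hashlib.algorithms_guaranteed")
    if algorithm not in allowed:
        raise ValueError(f"{algorithm!r} is not accepted by local policy")


def record_hash(data: bytes, algorithm: str = "sha256",
                allowed: frozenset = DEFAULT_ALLOWED) -> str:
    """Return the '<algorithm>=<digest>' hash field for one RECORD row."""
    _check_algorithm(algorithm, allowed)
    return f"{algorithm}={_b64_nopad(hashlib.new(algorithm, data).digest())}"


def record_line(path: str, data: bytes, algorithm: str = "sha256") -> str:
    """One RECORD row, 'path,hash,size', CSV-quoted like the real file."""
    buf = io.StringIO()
    csv.writer(buf, lineterminator="\n").writerow(
        [path, record_hash(data, algorithm), len(data)])
    return buf.getvalue().rstrip("\n")


def verify_record_line(line: str, data: bytes,
                       allowed: frozenset = DEFAULT_ALLOWED) -> str:
    """Check `data` against one RECORD row and report the outcome.

    "ok"         hash (and size, when present) match
    "mismatch"   well-formed row that does not describe `data`
    "unverified" empty hash field, which PEP 376 permits (RECORD itself
                 is listed this way); nothing was actually checked
    "rejected"   algorithm fails PEP 427 or the allowlist, or the row is
                 malformed; the digest is never compared in that case
    """
    row = next(csv.reader([line]))
    if len(row) != 3:
        return "rejected"
    _path, hash_field, size_field = row
    if not hash_field:
        return "unverified"
    algorithm, sep, encoded = hash_field.partition("=")
    if not sep or not encoded:
        return "rejected"
    try:
        _check_algorithm(algorithm, allowed)
        expected = _b64_nopad_decode(encoded)   # binascii.Error is a ValueError
        size = int(size_field) if size_field else None
    except ValueError:
        return "rejected"
    if size is not None and size != len(data):
        return "mismatch"
    actual = hashlib.new(algorithm, data).digest()
    # Constant-time compare: cheap, and a habit worth keeping for digests
    # that are not public.
    return "ok" if hmac.compare_digest(expected, actual) else "mismatch"


def outcomes_by_algorithm(allowed: frozenset = DEFAULT_ALLOWED) -> dict:
    """Verify a correct row for SAMPLE under each candidate algorithm name."""
    results = {}
    for algorithm in ("md5", "sha1", "sha224", "sha256", "sha384", "sha512"):
        digest = hashlib.new(algorithm, SAMPLE).digest()
        line = f"pkg/__init__.py,{algorithm}={_b64_nopad(digest)},{len(SAMPLE)}"
        results[algorithm] = verify_record_line(line, SAMPLE, allowed)
    return results


if __name__ == "__main__":
    print(record_line("pkg/__init__.py", SAMPLE))
    print(outcomes_by_algorithm())
    print(outcomes_by_algorithm(DEFAULT_ALLOWED | {"sha224"}))
```

With the default allowlist a sha224 row comes back "rejected", which is Paul Bryan's reading; passing `allowed=DEFAULT_ALLOWED | {"sha224"}` makes the same row verify, which is Paul Moore's observation that the PEPs never excluded it. Either way md5 and sha1 rows are refused before any digest is decoded or compared, and an empty hash field is reported as "unverified" rather than silently treated as a pass.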