W dniu nie, 12.11.2017 o godzinie 21∶22 -0500, użytkownik Joshua Kinard
napisał:
> On 10/24/2017 00:11, Michał Górny wrote:
> > W dniu wto, 24.10.2017 o godzinie 06∶04 +0200, użytkownik Michał Górny
> > napisał:
>
> [snip]
>
> > > > [BOBO06] is relevant research here, I cited it in the work that
On 11/12/2017 22:48, Gordon Pettey wrote:
> On Sun, Nov 12, 2017 at 8:22 PM, Joshua Kinard wrote:
>
>> Minor clarification, old single core //and// uni-processor. Some older
>> machines have multiple physical CPUs that are single-core. Threading
>> should be
>> okay on these,
On Sun, Nov 12, 2017 at 8:22 PM, Joshua Kinard wrote:
> Minor clarification, old single core //and// uni-processor. Some older
> machines have multiple physical CPUs that are single-core. Threading
> should be
> okay on these, as long as the thread count stays under NR_CPUS.
On 10/24/2017 00:11, Michał Górny wrote:
> W dniu wto, 24.10.2017 o godzinie 06∶04 +0200, użytkownik Michał Górny
> napisał:
[snip]
>>> [BOBO06] is relevant research here, I cited it in the work that went into
>>> GLEP59, the last time we updated the hashes. The less-technical explanation
>>>
Hello,
On Wednesday, November 8, 2017, Jonas Stein wrote:
> Hi "R0b0t1",
>
For the record, I'd claim I am.
>
> The question
>> On what basis?
> is ok, but
>
>> I performed a search on your name, and found at least
>> one person who was belligerently calling you a liar
My apologies, I forgot to address something:
On Sat, Oct 21, 2017 at 12:50 PM, Hanno Böck wrote:
> On Sat, 21 Oct 2017 12:12:44 -0500
> R0b0t1 wrote:
>
>> That is precisely why I didn't suggest it be used on its own (see note
>> about extant use of MD5), and
W dniu pon, 06.11.2017 o godzinie 19∶13 +, użytkownik Robin H.
Johnson napisał:
> +1 overall, just one timeline clarification.
>
> On Mon, Nov 06, 2017 at 05:58:21PM +0100, Michał Górny wrote:
> > T + 7 days
> > --
> > Set:
> > manifest-hashes = BLAKE2B SHA512
> >
On Mon, Nov 6, 2017 at 2:13 PM, Robin H. Johnson wrote:
> +1 overall, just one timeline clarification.
>
> On Mon, Nov 06, 2017 at 05:58:21PM +0100, Michał Górny wrote:
>> T + 7 days
>> --
>> Set:
>> manifest-hashes = BLAKE2B SHA512
>> manifest-required-hashes =
+1 overall, just one timeline clarification.
On Mon, Nov 06, 2017 at 05:58:21PM +0100, Michał Górny wrote:
> T + 7 days
> --
> Set:
> manifest-hashes = BLAKE2B SHA512
> manifest-required-hashes = SHA512
>
> New Manifest entries will use the new hashes but Portage will keep the
> old
Hi,
So here's my proposed plan, after considering all the replies.
Immediately after accepting
---
a. Revbump Portage to add pyblake2 dep (to ensure BLAKE2 is supported
on py<3.6) and request stabilizing this version.
b. Create a git update hook that rejects Manifest
On Tue, Oct 24, 2017 at 9:40 PM, Robin H. Johnson wrote:
> On Tue, Oct 24, 2017 at 11:33:39PM +0200, Allan Wegan wrote:
>> >> That is currently the case with portage, but not an inevitable
>> >> consequence of having 3 hash functions in the Manifest. Portage could
>> >> be
On 25/10/2017 14:32, Hanno Böck wrote:
> Good security includes reducing complexity. Tough (as evident by this
> thread) it's a thought many people find hard to accept.
>
> This thread is going into a completely different direction and I find
> that worriesome. We have two non-problems ("what if
Hi,
On Wed, 25 Oct 2017 02:40:58 +
"Robin H. Johnson" wrote:
> At that point, and this is a serious proposal:
> The package manager shall decide which hashes to check, but is
> required to check at least one hash. The choice may be 'fastest',
> 'most secure', or any
On Tue, Oct 24, 2017 at 11:33:39PM +0200, Allan Wegan wrote:
> >> That is currently the case with portage, but not an inevitable
> >> consequence of having 3 hash functions in the Manifest. Portage could
> >> be made to check only one or two of them (even by default), giving
> >> the tie-breaking
>> That is currently the case with portage, but not an inevitable
>> consequence of having 3 hash functions in the Manifest. Portage could
>> be made to check only one or two of them (even by default), giving
>> the tie-breaking ability to those who need it, and speeding up things
>> for those who
W dniu wto, 24.10.2017 o godzinie 13∶56 +0200, użytkownik Chí-Thanh
Christopher Nguyễn napisał:
> Michał Górny schrieb:
> > Oh, and most notably, the speed loss will be mostly visible to users.
> > An attacker would have to compute the additional hashes only
> > if the fastest hash already
On Tue, Oct 24, 2017 at 4:21 AM, Paweł Hajdan, Jr.
wrote:
> On 24/10/2017 06:11, Michał Górny wrote:
>> W dniu wto, 24.10.2017 o godzinie 06∶04 +0200, użytkownik Michał Górny
>> napisał:
>>> Three hashes don't give any noticeable advantage. If we want a diverse
>>>
Michał Górny schrieb:
> Oh, and most notably, the speed loss will be mostly visible to users.
> An attacker would have to compute the additional hashes only
> if the fastest hash already matched, i.e. rarely. Users will have to
> compute them all the time.
That is currently the case with portage,
On 24/10/2017 06:11, Michał Górny wrote:
> W dniu wto, 24.10.2017 o godzinie 06∶04 +0200, użytkownik Michał Górny
> napisał:
>> Three hashes don't give any noticeable advantage. If we want a diverse
>> construct, we take SHA3. SHA3 is slower than SHA2 + BLAKE2 combined, so
>> even with 3 threaded
W dniu wto, 24.10.2017 o godzinie 06∶04 +0200, użytkownik Michał Górny
napisał:
> W dniu pon, 23.10.2017 o godzinie 21∶00 +, użytkownik Robin H.
> Johnson napisał:
> > On Mon, Oct 23, 2017 at 01:33:15PM +0200, Michał Górny wrote:
> > > Dnia 23 października 2017 10:16:38 CEST, "Robin H.
W dniu pon, 23.10.2017 o godzinie 21∶00 +, użytkownik Robin H.
Johnson napisał:
> On Mon, Oct 23, 2017 at 01:33:15PM +0200, Michał Górny wrote:
> > Dnia 23 października 2017 10:16:38 CEST, "Robin H. Johnson"
> > napisał(a):
> > > On Fri, Oct 20, 2017 at 05:21:47PM -0500,
On Mon, Oct 23, 2017 at 01:33:15PM +0200, Michał Górny wrote:
> Dnia 23 października 2017 10:16:38 CEST, "Robin H. Johnson"
> napisał(a):
> >On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote:
> >> In general I do not mind updating the algorithms used, but I do feel
> >>
Dnia 23 października 2017 10:16:38 CEST, "Robin H. Johnson"
napisał(a):
>On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote:
>> In general I do not mind updating the algorithms used, but I do feel
>> it is important to keep at least three present. Without at least
>three
On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote:
> In general I do not mind updating the algorithms used, but I do feel
> it is important to keep at least three present. Without at least three
> (or a larger odd number) it is not possible to break a tie.
>
> That may ultimately be beside
On Sat, 21 Oct 2017 12:12:44 -0500
R0b0t1 wrote:
> That is precisely why I didn't suggest it be used on its own (see note
> about extant use of MD5), and why I gave alternatives. If it is
> desired that the hashes be computed quickly then weaker hashes will
> need to be used.
On Sat, Oct 21, 2017 at 12:12 PM, R0b0t1 wrote:
> On Sat, Oct 21, 2017 at 11:26 AM, Robin H. Johnson wrote:
>> On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote:
>>> I would like to present my suggestions:
>>>
>>> SHA512, (RIPEMD160 | WHIRLPOOL |
On Sat, Oct 21, 2017 at 11:26 AM, Robin H. Johnson wrote:
> On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote:
>> I would like to present my suggestions:
>>
>> SHA512, (RIPEMD160 | WHIRLPOOL | BLAKE2B), (SHA3_512 | BLAKE2B);
>>
>> or more definitively:
>>
>> SHA512,
On Fri, Oct 20, 2017 at 05:21:47PM -0500, R0b0t1 wrote:
> I would like to present my suggestions:
>
> SHA512, (RIPEMD160 | WHIRLPOOL | BLAKE2B), (SHA3_512 | BLAKE2B);
>
> or more definitively:
>
> SHA512, RIPEMD160, BLAKE2B.
Please do NOT reintroduce RIPEMD160. It was one of the older Portage
W dniu sob, 21.10.2017 o godzinie 10∶01 +0200, użytkownik Paweł Hajdan,
Jr. napisał:
> On 20/10/2017 18:15, Michał Górny wrote:
> > W dniu pią, 20.10.2017 o godzinie 17∶42 +0200, użytkownik Paweł Hajdan,
> > Jr. napisał:
> > > Curious, do we have any measurements/estimates of the performance cost?
On 20/10/2017 18:15, Michał Górny wrote:
> W dniu pią, 20.10.2017 o godzinie 17∶42 +0200, użytkownik Paweł Hajdan,
> Jr. napisał:
>> Curious, do we have any measurements/estimates of the performance cost?
>
> With a single thread serial processing of all hashes, it's just sum of
> times involved
W dniu sob, 21.10.2017 o godzinie 04∶08 +0200, użytkownik Chí-Thanh
Christopher Nguyễn napisał:
> Michał Górny schrieb:
> > to:
> >
> > manifest-hashes = SHA512 SHA3_512
>
> +1
>
> Just wondering about the performance argument on weak systems:
> Does Portage absolutely have to check all of
W dniu sob, 21.10.2017 o godzinie 04∶01 +0200, użytkownik Jason A.
Donenfeld napisał:
> Blake2 is in coreutils already, provides an excellent security margin, and
> is considerably faster than both sha2 and sha3.
>
Yes, we've already switched the proposal to BLAKE2B. Although it is only
faster
Blake2 is in coreutils already, provides an excellent security margin, and
is considerably faster than both sha2 and sha3.
On Oct 19, 2017 21:09, "Michał Górny" wrote:
> Hi, everyone.
>
> The previous discussion on Manifest2 hashes pretty much died away
> pending fixes to
On Fri, Oct 20, 2017 at 8:04 AM, Kristian Fiskerstrand wrote:
> On 10/20/2017 11:10 AM, Dirkjan Ochtman wrote:
>>
>> I support Hanno's suggestion of doing just SHA512, but would be
>> interested in hearing opinions from others who have apparent
>> security/crypto experience.
Hello,
I missed some messages in the time I wrote my reply. This also touches
on some of the points in Mr. Górny's other message about time.
On Fri, Oct 20, 2017 at 6:38 PM, Michał Górny wrote:
> W dniu pią, 20.10.2017 o godzinie 00∶20 +0200, użytkownik Francesco
> Riosa
W dniu pią, 20.10.2017 o godzinie 18∶42 -0400, użytkownik Anton Molyboha
napisał:
> On Thu, Oct 19, 2017 at 6:49 PM, Gordon Pettey wrote:
>
> > On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
> >
> > > On Thu, 19 Oct 2017 21:08:40 +0200
> > > Michał
W dniu pią, 20.10.2017 o godzinie 00∶20 +0200, użytkownik Francesco
Riosa napisał:
> 2017-10-19 23:00 GMT+02:00 Michał Górny :
>
> > W dniu czw, 19.10.2017 o godzinie 21∶08 +0200, użytkownik Michał Górny
> > napisał:
> > >
> > > 4. The new hashes that are stronger and commonly
On Fri, Oct 20, 2017 at 5:42 PM, Anton Molyboha wrote:
> On Thu, Oct 19, 2017 at 6:49 PM, Gordon Pettey
> wrote:
>
>> On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
>>
>>> On Thu, 19 Oct 2017 21:08:40 +0200
>>> Michał
On Thu, Oct 19, 2017 at 6:49 PM, Gordon Pettey wrote:
> On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
>
>> On Thu, 19 Oct 2017 21:08:40 +0200
>> Michał Górny wrote:
>>
>> > manifest-hashes = SHA512 SHA3_512
>>
>>
Hello,
On Thu, Oct 19, 2017 at 2:08 PM, Michał Górny wrote:
> Hi, everyone.
>
> The previous discussion on Manifest2 hashes pretty much died away
> pending fixes to Portage. Since Portage was fixed a while ago, and we
> can now safely switch, I'd like to reboot the discussion
W dniu pią, 20.10.2017 o godzinie 17∶42 +0200, użytkownik Paweł Hajdan,
Jr. napisał:
> On 19/10/2017 21:08, Michał Górny wrote:
> > Considering all arguments made so far, I'd like to propose changing:
> > manifest-hashes = SHA256 SHA512 WHIRLPOOL
> > to:
> > manifest-hashes = SHA512 SHA3_512
>
On 19/10/2017 21:08, Michał Górny wrote:
> Considering all arguments made so far, I'd like to propose changing:
> manifest-hashes = SHA256 SHA512 WHIRLPOOL
> to:
> manifest-hashes = SHA512 SHA3_512
+1, fine for me
> 1. The main argument for using multiple hashes is to prevent the (very
>
On Fri, Oct 20, 2017 at 6:04 AM, Kristian Fiskerstrand wrote:
> On 10/20/2017 11:10 AM, Dirkjan Ochtman wrote:
>>
>> I support Hanno's suggestion of doing just SHA512, but would be
>> interested in hearing opinions from others who have apparent
>> security/crypto experience.
On 10/20/2017 03:05 PM, Michael Orlitzky wrote:
> Every WiFi network on the planet essentially became Starbucks overnight
> on Sunday->Monday, so in my opinion we shouldn't bet against immediate
> and catastrophic failure of anything, no matter how well-tested.
Post Hoc ergo Propter Hoc
--
On 10/19/2017 06:32 PM, Hanno Böck wrote:
>
> Counterproposal: Just use SHA512.
>
> There isn't any evidence that any SHA2-based hash algorithm is going to
> be broken any time soon. If that changes there will very likely be
> decades of warning before a break becomes practical.
>
Every WiFi
On 10/20/2017 11:10 AM, Dirkjan Ochtman wrote:
>
> I support Hanno's suggestion of doing just SHA512, but would be
> interested in hearing opinions from others who have apparent
> security/crypto experience. Maybe the Security project can weigh the
> suggestions as well?
>
The whole discussion
On Fri, 20 Oct 2017 11:23:06 +0200
Ulrich Mueller wrote:
> > On Fri, 20 Oct 2017, Dirkjan Ochtman wrote:
>
> > As Hanno was saying, we'll have decades of warning before a break
> > becomes practical, so I don't think this is a real concern.
>
> How can we be sure of
On Fri, Oct 20, 2017 at 11:23 AM, Ulrich Mueller wrote:
> > On Fri, 20 Oct 2017, Dirkjan Ochtman wrote:
>
> > As Hanno was saying, we'll have decades of warning before a break
> > becomes practical, so I don't think this is a real concern.
>
> How can we be sure of that? I
> On Fri, 20 Oct 2017, Dirkjan Ochtman wrote:
> As Hanno was saying, we'll have decades of warning before a break
> becomes practical, so I don't think this is a real concern.
How can we be sure of that? I guess the same reasoning was applied
when MD5 and SHA1 hashes were used.
> I think
On Fri, Oct 20, 2017 at 12:49 AM, Gordon Pettey
wrote:
> On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
>
>> On Thu, 19 Oct 2017 21:08:40 +0200
>> Michał Górny wrote:
>>
>> > manifest-hashes = SHA512 SHA3_512
>>
>>
On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
> On Thu, 19 Oct 2017 21:08:40 +0200
> Michał Górny wrote:
>
> > manifest-hashes = SHA512 SHA3_512
>
> Counterproposal: Just use SHA512.
>
> There isn't any evidence that any SHA2-based hash algorithm is
On Thu, 19 Oct 2017 21:08:40 +0200
Michał Górny wrote:
> manifest-hashes = SHA512 SHA3_512
Counterproposal: Just use SHA512.
There isn't any evidence that any SHA2-based hash algorithm is going to
be broken any time soon. If that changes there will very likely be
decades
2017-10-19 23:00 GMT+02:00 Michał Górny :
> W dniu czw, 19.10.2017 o godzinie 21∶08 +0200, użytkownik Michał Górny
> napisał:
> >
> > 4. The new hashes that are stronger and commonly available are
> > SHA3/Keccak (using sponges) and BLAKE2 (HAIFA). Both are diverse from
> > our
W dniu czw, 19.10.2017 o godzinie 21∶08 +0200, użytkownik Michał Górny
napisał:
>
> 4. The new hashes that are stronger and commonly available are
> SHA3/Keccak (using sponges) and BLAKE2 (HAIFA). Both are diverse from
> our current algorithms, so either is a good candidate. The choice of
>
54 matches
Mail list logo