On Mon, 09 Jun 2014 15:37:25 -0700 Alan Coopersmith <[email protected]> wrote:
> On 06/ 9/14 04:04 AM, Pali Rohár wrote:
> > I think that security flaws found in openssl/gnutls in the last
> > days/months are a very good reason to not use it - when it is not
> > needed.
>
> I believe all of those have been in the SSL/TLS layers, and not down
> in the cryptographic hash primitives themselves.
>
> One of the prime motivators we had for moving to an externally
> maintained SHA-1 implementation for Xorg was to let someone else deal
> with all the optimizations for specific CPUs and let us simply reap
> the benefits of their work.
>
> If you don't want to use one of the existing libraries, you can take
> your own SHA-1 implementation, make it conform to one of the existing
> APIs and simply build with it, but that seems like a lot of work to
> move from a known good implementation to one that's probably not as
> good.

I think the best thing would be to try to find some cheaper hash
function (with a proof on collision probability) and test it, probably
by running a test of collisions on a large glyph database.

Worst case scenario: there can be a compile-time choice to use the
internal sha1 implementation with all the ifdefs in x_sha1_*.c

Marek Behun
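The "test of collisions on a large glyph database" suggested above can be written as a small harness. The following is an added example, not code from this thread or from Xorg: it hashes constructed 8x16 glyph bitmaps (a deterministic PRNG stands in for a real glyph database) with FNV-1a as an assumed cheap candidate, truncates the hash to a chosen width, counts colliding pairs, and compares that to the birthday bound n(n-1)/2 / 2^bits that an ideal hash would give. Function names and the glyph layout are assumptions for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a glyph record: an 8x16 1-bit bitmap (16 bytes). */
#define GLYPH_BYTES 16
typedef struct { uint8_t bits[GLYPH_BYTES]; } glyph_t;

/* FNV-1a, 32-bit: a cheap non-cryptographic hash, used here only as the
 * assumed candidate under test (not what Xorg uses). */
static uint32_t fnv1a32(const uint8_t *p, size_t n)
{
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 16777619u;
    }
    return h;
}

/* Birthday bound: expected number of colliding pairs when n distinct inputs
 * are hashed into `bits` bits by an ideal hash. Assumes bits <= 63. */
double expected_collisions(size_t n, unsigned bits)
{
    double pairs = (double)n * (double)(n - 1) / 2.0;
    return pairs / (double)((uint64_t)1 << bits);
}

/* xorshift32 PRNG: deterministic so results are reproducible. A real run
 * would load an actual glyph database instead of generating bitmaps. */
static uint32_t xorshift32(uint32_t *s)
{
    uint32_t x = *s;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return *s = x;
}

static void make_glyphs(glyph_t *g, size_t n, uint32_t seed)
{
    uint32_t s = seed ? seed : 1u;
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < GLYPH_BYTES; j++)
            g[i].bits[j] = (uint8_t)(xorshift32(&s) >> 24);
}

static int cmp_u32(const void *a, const void *b)
{
    uint32_t x = *(const uint32_t *)a, y = *(const uint32_t *)b;
    return (x > y) - (x < y);
}

/* Hash every glyph, keep the low `bits` bits, sort, and count colliding pairs.
 * Inputs are assumed pairwise distinct, so every equal hash is a true collision. */
static size_t count_collisions(const glyph_t *g, size_t n, unsigned bits)
{
    uint32_t *h = malloc(n * sizeof *h);
    if (!h) return (size_t)-1;
    uint32_t mask = bits >= 32 ? 0xffffffffu : ((1u << bits) - 1u);
    for (size_t i = 0; i < n; i++)
        h[i] = fnv1a32(g[i].bits, GLYPH_BYTES) & mask;
    qsort(h, n, sizeof *h, cmp_u32);
    size_t pairs = 0, run = 1;
    for (size_t i = 1; i < n; i++) {
        if (h[i] == h[i - 1]) {
            run++;
        } else {
            pairs += run * (run - 1) / 2;   /* each run of k equal hashes is k(k-1)/2 pairs */
            run = 1;
        }
    }
    pairs += run * (run - 1) / 2;
    free(h);
    return pairs;
}

/* Build n constructed glyphs from a seed and return the observed collision count. */
size_t collision_trial(size_t n, uint32_t seed, unsigned bits)
{
    glyph_t *g = malloc(n * sizeof *g);
    if (!g) return (size_t)-1;
    make_glyphs(g, n, seed);
    size_t c = count_collisions(g, n, bits);
    free(g);
    return c;
}

int main(void)
{
    size_t n = 10000;
    unsigned widths[] = {16, 24, 32};
    for (size_t i = 0; i < sizeof widths / sizeof widths[0]; i++)
        printf("n=%zu bits=%u observed=%zu expected=%.2f\n", n, widths[i],
               collision_trial(n, 12345u, widths[i]),
               expected_collisions(n, widths[i]));
    return 0;
}
```

An observed count close to the bound means the candidate behaves like an ideal hash on this data at that width; a count far above it is the signal that the cheap function is unsuitable for a cache key. Note what the harness does not measure: it counts accidental collisions on inputs nobody chose, whereas the collision resistance a cryptographic hash such as SHA-1 was providing is against inputs deliberately constructed to collide, so a good result here does not by itself justify dropping that property where glyph data can come from untrusted sources.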
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
