Peter Palfrader <wea...@debian.org> writes: > On Mon, 14 Jul 2014, Russ Allbery wrote:
>> Using multiple hashes gives us some theoretical robustness against a >> break in one of the hash functions provided that all clients check all >> the hashes and the hashes would fail independently (which is likely). > I would like to see some supporting evidence for the claim that they > will likely fail independently. In particular given that they are all > the same construct. SHA-1 and SHA-2 are relatively independent constructions, so it seems intuitive to me that achieving a hash collision simultaneously with both constructions would be harder than finding a hash collision for either of them independently. I admit that this argument is much stronger for SHA-2 and SHA-3, where there is no commonality at all between the algorithms (that I know of). That said... > I think just having a single, strong hash in Packages ought to be > sufficient. ...I agree with this. I think that, even if this approach works and all the clients check, the level of additional security that we get from having multiple hashes isn't worth the overhead. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/871ttn3hdw....@windlord.stanford.edu
