Re: Crypto

On Sat, Sep 19, 2009 at 11:50:35AM -0400, Andrew Dunstan wrote:
>
>
> David Fetter wrote:
>> I suggest that we start by putting secure hashing algorithms into the
>> core distribution so, should MD5 ever break, we have real
>> alternatives, and not done in a panic.
>
> Doing that now would be quite premature. Which algorithm would we choose?
>
> And there is no urgency at all about it, since AIUI an attack on our use  
> of it would require a preimage attack:
>
>    At the time of this writing, there are no practical preimage
>    attacks, meaning that if your use of hashes is only susceptible to
>    preimage attacks, even MD5 is just fine because at attacker would
>    have to make 2^128 guesses, which will be infeasable for many
>    decades (if ever). (quoted from  <http://www.vpnc.org/hash.html>)
>
>
> The time for us to look at this again is more properly when the NIST  
> SHA-3 competition ends, I believe. That's at least a couple of years  
> away. See <http://csrc.nist.gov/groups/ST/hash/timeline.html>

OK

> As for the suggestion that we should put other crypto functions into
> the  core, AIUI the reason not to is not to avoid problems with US
> Export  Regulations (after all, we've shipped source tarballs with
> it for many years, including from US repositories), but to make it
> easier to use Postgres in places where use of crypto is illegal.

To date, I have not found an example of such a place.  For the record,
would you or anyone seeing this be so kind as to provide one, along
with some kind of evidence that somewhere, such a law has actually
been enforced?

> What benefit would we  gain from making general crypto part of the
> core?

People may wish to encrypt things in the database.

Cheers,
David.
-- 
David Fetter <david@fetter.org> http://fetter.org/
Phone: +1 415 235 3778  AIM: dfetter666  Yahoo!: dfetter
Skype: davidfetter      XMPP: david.fetter@gmail.com

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate