Re: Crypto
| От | Andrew Dunstan |
|---|---|
| Тема | Re: Crypto |
| Дата | |
| Msg-id | 4AB4FDCB.6000508@dunslane.net обсуждение исходный текст |
| Ответ на | Crypto (David Fetter <david@fetter.org>) |
| Ответы |
Re: Crypto
|
| Список | pgsql-hackers |
David Fetter wrote: > I suggest that we start by putting secure hashing algorithms into the > core distribution so, should MD5 ever break, we have real > alternatives, and not done in a panic. > > > Doing that now would be quite premature. Which algorithm would we choose? And there is no urgency at all about it, since AIUI an attack on our use of it would require a preimage attack: At the time of this writing, there are no practical preimage attacks, meaning that if your use of hashes is only susceptibleto preimage attacks, even MD5 is just fine because at attacker would have to make 2^128 guesses, which willbe infeasable for many decades (if ever). (quoted from <http://www.vpnc.org/hash.html>) The time for us to look at this again is more properly when the NIST SHA-3 competition ends, I believe. That's at least a couple of years away. See <http://csrc.nist.gov/groups/ST/hash/timeline.html> As for the suggestion that we should put other crypto functions into the core, AIUI the reason not to is not to avoid problems with US Export Regulations (after all, we've shipped source tarballs with it for many years, including from US repositories), but to make it easier to use Postgres in places where use of crypto is illegal. What benefit would we gain from making general crypto part of the core? cheers andrew
В списке pgsql-hackers по дате отправления: