Re: svn commit: r239569 - head/etc/rc.d
David O'Brien <obrien@FreeBSD.org> writes:
> Dag-Erling Sm=C3=B8rgrav <des@des.no> writes:
> > Is there a reason to choose sha256 over a weaker, faster hash?
> Using a weaker hash could reduce the amount of entropy in the
> output (due to collisions).
>
> The Yarrow paper makes this argument (but willing to potentially loose
> some entropy) in 5 'The Generic Yarrow Design an Yarrow-160'
>
> The reason is if you take an 'm' bit random value and apply a hash
> function that produces 'm' bits of output, the result has less than
> 'm' bits of entropy due to the collisions that occur. This is a very
> minor effect, and overall results in the loss of at most a few bits
> of entropy.
I was thinking along the lines of feeding at least 2 * m into the hash
function, possibly much more. Remember that we're talking about finding
an alternative to discarding large amounts of data.
DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 35 之 145 篇):