[Buildroot] [PATCH] ser2net: Add a hash file
Markos Chandras
Markos.Chandras at imgtec.com
Wed Oct 8 11:25:54 UTC 2014
On 10/08/2014 11:43 AM, Gustavo Zacarias wrote:
> On 10/08/2014 07:18 AM, Markos Chandras wrote:
>> I understand that, but realistically speaking, supporting so many
>> different hashes is not very efficient. If an upstream uses weak hashes
>> for released tarballs, just verify the weak hash on your local pc and
>> then generate a strong hash yourself. Is there really a point having a
>> week md5 and a strong sha256 hash at the same time?
>
> "strong" hashes are so for now, weak hashes were strong at the time too
> remember, they're, grossly said, glorified checksums/CRCs (which were
> also considered well enough until the data set and computation power grew).
> If you truly want to ensure a certain degree of tamper resistance you
> need to go to the 2-way collision.
> After all a single value of 256 or 512 bits representing a file of 1 MB
> of compressed data is bound to hit some issue eventually.
> With two different hashing methods it's statistically very complex to
> win the lottery.
> Regards.
>
Sure. But this probably is not a strong argument because for all I know
they may find sha256 broken tomorrow morning and you have to update all
the buildroot packages using that hash to verify the tarball. If you
think something is "not strong enough" then don't use it :)
Perhaps it's best if buildroot supported the two strongest algorithms
and request that information for every package? I really see no point
supporting eg md5 since we know it's weak. Anyway, that's my personal
opinion, I just feel there is no clear "rule" here so developers are
free to use whatever they want which may not always be acceptable by the
maintainers :)
--
markos
More information about the buildroot
mailing list