From: Ludovic Courtès
To: Marius Bakke
Subject: Re: [bug#41382] [PATCH 0/6] Allow for a cryptographic hash function migration
References: <20200518213116.23978-1-ludo@gnu.org> <871rnggf4d.fsf@gnu.org> <87wo57reil.fsf@devup.no>
Date: Thu, 21 May 2020 22:46:18 +0200
In-Reply-To: <87wo57reil.fsf@devup.no> (Marius Bakke's message of "Tue, 19 May 2020 20:00:34 +0200")
Message-ID: <875zcpc8yt.fsf@gnu.org>
Cc: guix-devel@gnu.org, 41382@debbugs.gnu.org

Hi!

Marius Bakke wrote:

[...]

>> and to automatically “convert” the ‘sha256’ field specification to a
>> ‘content-hash’. Due to the way identifiers are matched, there are cases
>> where we can’t preserve the illusion of compatibility, as can be seen
>> with the patch below. Perhaps that’s acceptable, though.
>>
>> Thoughts?
>
> This is a great initiative, and the patches LGTM.

Great, thanks for taking a look.

> I think that if we are to move away from SHA256, we should go with
> something that is immune to length extension attacks[0] such as BLAKE2/3
> or SHA-3 (Keccak).

That makes sense to me. I think we have time to think about it. When
we choose to switch, we should change all the tools (importers, ‘guix
download’, etc.) and documentation to default to the new hash so
migration can happen consistently.

> Although I don't know any Guile implementations of those as of yet.

Libgcrypt supports them, so we can definitely use them. I realize we
also need to extend nix/libutil/hash.{cc,hh}.

> SHA512 does not improve much security-wise IMO, but maybe it's
> worthwhile as a stop-gap.

Yeah, I’m not sure. We should definitely keep an eye on what others
are doing and what crypto folks recommend.

Ludo’.