From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id kL/FMNQexF5ASgAA0tVLHw (envelope-from ) for ; Tue, 19 May 2020 18:00:52 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id oDymLNQexF7iSQAA1q6Kng (envelope-from ) for ; Tue, 19 May 2020 18:00:52 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 5AA269402D1 for ; Tue, 19 May 2020 18:00:52 +0000 (UTC) Received: from localhost ([::1]:49696 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jb6Xr-0004Og-4M for larch@yhetil.org; Tue, 19 May 2020 14:00:51 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:39390) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jb6Xg-0004Oa-RF for guix-devel@gnu.org; Tue, 19 May 2020 14:00:40 -0400 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:60445) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jb6Xf-00042O-LZ; Tue, 19 May 2020 14:00:40 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 936735C00EA; Tue, 19 May 2020 14:00:38 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Tue, 19 May 2020 14:00:38 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h= from:to:cc:subject:in-reply-to:references:date:message-id :mime-version:content-type; s=fm2; bh=YaBsNFmkX4PdEDYEf+X7Eb5t9Y 3KByRDz/1EWSimqHQ=; b=V/Pqwc79hxP7lkcZidxpsuXflQPvl2qY61sVkxvrE8 4CR1yMRxr9tGYFLX0DWu+1GEkA/TG0BgrvSwFSv9mqdOhXLgMswqSSE70U7gx4ex rvLU9o4UrhxTl/95bs2xeRstfb4ms7rW1VCytac3Hfe8JSH5nR9n3GskYzdpT0Qb 7xWzTFXmaZJPo84YT6C1USvSDYjskXRYYG2/V5+BDb3j0F5mubbiMUEMj+PA8fmB xD+pFzAViQEjfKfUEiPVkqlDRPJzOy+xviTmn8ce78AkCnIOkL1i5V4607EIWWqi Z9+6nyO8RRj4Ax36O2knO8N5jegda/1pJdAxVYNdYjkw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=YaBsNF mkX4PdEDYEf+X7Eb5t9Y3KByRDz/1EWSimqHQ=; b=G56Rutfk/QS+2+y/Mh1xXg jpYfyc9AyhV54nTOPDG1LUlCjv1HoFDXzvgYPdWtbJykFA/79xnU1rrF42GUuB6S svnF6EGfsM7vLch7jHymky/3cil8zovXUWxMwDc1poDFl6yuP+tnc5bO7YeoCN6d RGIxm0eqdsXLcSlDUIWRGwQq3MgMuD0Aeo6gBZjnn0/OL8dM/HV5xEayvox8m6+y YrS7OlJ2vbs0dll+AhXJ1Q5eeyigGHEQb9LJRK5BLuIoIRYhec6UTWwJHe+9wOpB 4R9VLbA1l7kmKHU/5/fyvBDHzUmIuX2y+3tkEUeURWKupO7RmDl+RRG7OffKrg/Q == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedruddtjedguddulecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvffujghffffkgggtsehgtderredttdejnecuhfhrohhmpeforghrihhu shcuuegrkhhkvgcuoehmsggrkhhkvgesfhgrshhtmhgrihhlrdgtohhmqeenucggtffrrg htthgvrhhnpeffvdfhhfejffelfedvgedviefgfffgleeljeeghfeggfekheefffehtedu heehleenucffohhmrghinhepfihikhhiphgvughirgdrohhrghenucfkphepkedvrdduge ekrdduledurddukeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhl fhhrohhmpehmsggrkhhkvgesfhgrshhtmhgrihhlrdgtohhm X-ME-Proxy: Received: from localhost (ip82-148-191-18.breiband.no [82.148.191.18]) by mail.messagingengine.com (Postfix) with ESMTPA id 17FEB328005E; Tue, 19 May 2020 14:00:37 -0400 (EDT) From: Marius Bakke To: Ludovic =?utf-8?Q?Court=C3=A8s?= , 41382@debbugs.gnu.org Subject: Re: [bug#41382] [PATCH 0/6] Allow for a cryptographic hash function migration In-Reply-To: <871rnggf4d.fsf@gnu.org> References: <20200518213116.23978-1-ludo@gnu.org> <871rnggf4d.fsf@gnu.org> Date: Tue, 19 May 2020 20:00:34 +0200 Message-ID: <87wo57reil.fsf@devup.no> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: pass client-ip=66.111.4.28; envelope-from=mbakke@fastmail.com; helo=out4-smtp.messagingengine.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/05/19 13:27:43 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=_AUTOLEARN X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: guix-devel@gnu.org Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=fastmail.com header.s=fm2 header.b=V/Pqwc79; dkim=pass header.d=messagingengine.com header.s=fm2 header.b=G56Rutfk; dmarc=pass (policy=none) header.from=fastmail.com; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Spam-Score: -3.81 X-TUID: HQS+sldPU8iI --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Ludovic, (+ guix-devel) Ludovic Court=C3=A8s writes: > Hello, > > Ludovic Court=C3=A8s skribis: > >> Another option would be to create a data type that specifies >> its algorithm and its value. We=E2=80=99d replace the =E2=80=98sha256= =E2=80=99 field with >> a =E2=80=98hash=E2=80=99 field of that type (in a backward-compatible wa= y). Thinking >> about it, this is perhaps the better option. > > Here=E2=80=99s a v2 that does that: instead of adding a =E2=80=98sha512= =E2=80=99 field to > , it replaces the =E2=80=98sha256=E2=80=99 field with =E2=80=98ha= sh=E2=80=99 and introduces a > data type (similar to the data type we have). > > One can now write things like: > > (origin > ;; =E2=80=A6 > (hash (content-hash (base64 "=E2=80=A6") sha512))) > > Since it=E2=80=99s a bit verbose, one can also pass a literal string dire= ctly, > in which case it=E2=80=99s base32-decoded: > > (origin > ;; =E2=80=A6 > (hash (content-hash "=E2=80=A6"))) > > =E2=80=98content-hash=E2=80=99 uses macrology to validate as much as poss= ible at > macro-expansion time. > > There=E2=80=99s a compatibility =E2=80=98origin=E2=80=99 macro intended t= o allow people to keep > writing: > > (origin > (url =E2=80=A6) > (method =E2=80=A6) > (sha256 =E2=80=A6)) > > and to automatically =E2=80=9Cconvert=E2=80=9D the =E2=80=98sha256=E2=80= =99 field specification to a > =E2=80=98content-hash=E2=80=99. Due to the way identifiers are matched, = there are cases > where we can=E2=80=99t preserve the illusion of compatibility, as can be = seen > with the patch below. Perhaps that=E2=80=99s acceptable, though. > > Thoughts? This is a great initiative, and the patches LGTM. I think that if we are to move away from SHA256, we should go with something that is immune to length extension attacks[0] such as BLAKE2/3 or SHA-3 (Keccak). Although I don't know any Guile implementations of those as of yet. SHA512 does not improve much security-wise IMO, but maybe it's worthwhile as s stop-gap. 0: https://en.wikipedia.org/wiki/Length_extension_attack --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAl7EHsIACgkQoqBt8qM6 VPo0swf9EISGA6w8OHyAb9oF1cg53FppycJhVYBkKkM8axnXeUAuRv5V9p/p24AL a6klRPCqtd+5Gupt/s0yitsOkTbgC3YF3S0Xjm7d2kqCQSiO2UakhKjqS8xK6+1X yabYyUVt7mO4eWRcehwZ7lUzBPlwE9fmuBU66Eq+eg70i7b0mIqdsHSIaZlGwjII Lu8J/qoBoTIxWaiLYEDkGnJUvTg7MZlr1o4ZNvwWDnnI+JmjQHVUAAWeikX0IQmW h1wPSGazmMX3NQ8vzJ0DlQunbNp7cOnbdUdym9LiMn1jHfVxgakYDJXuI5RboB4L isjBbYAmJpcoAYFMCT3AwS2zmP2FLA== =woyR -----END PGP SIGNATURE----- --=-=-=--