-
That is still an attack on the second preimage or collision resistance properties of the hash function. Most collisions do work this way, for example see [1].
[1] https://github.com/corkami/collisions
-
spack
A flexible package manager that supports multiple versions, configurations, platforms, and compilers.
> I can't count the number of times I've seen people say "md5 is fine for use case xyz" where in some counterintuitive way it wasn't fine.
I can count many more times that people told me that md5 was "broken" for file verification when, in fact, it never has been.
My main gripe with the article is that it portrays the entire legal profession as "backwards" and "deeply negligent" when they're not actually doing anything unsafe -- or even likely to be unsafe. And "tech" knows better. Much of tech, it would seem, has no idea about the use cases and why one might be safe or not. They just know something's "broken" -- so, clearly, we should update.
> Just use a safe one, even if you think you "don't need it".
Here's me switching 5,700 or so hashes from md5 to sha256 in 2019: https://github.com/spack/spack/pull/13185
Did I need it? No. Am I "compliant"? Yes.
Really, though, the main tangible benefit was that it saved me having to respond to questions and uninformed criticism from people unnecessarily worried about md5 checksums.
-
sha256-simd
Accelerate SHA256 computations in pure Go using AVX512, SHA Extensions for x86 and ARM64 for ARM. On AVX512 it provides an up to 8x improvement (over 3 GB/s per core). SHA Extensions give a performance boost of close to 4x over native.
BLAKE3 is faster than hardware accelerated SHA-2 because the tree mode used in BLAKE3 allows hashing parts of a single message in parallel (with SHA-2, parts of a single message have to be hashed one after another, and parallelism is only used in workloads where you process multiple messages at the same time).
https://github.com/minio/sha256-simd
https://github.com/BLAKE3-team/BLAKE3
-
Thanks! I've added a note about this here: https://github.com/oconnor663/bao/issues/41#issuecomment-119.... Does that sound like an accurate summary to you?