[openssl-dev] [openssl.org #3897] request: add BLAKE2 hash function (let's kill md5sum!)
Hubert Kario via RT
rt at openssl.org
Mon Jun 8 10:37:45 UTC 2015
On Friday 05 June 2015 16:39:36 Zooko Wilcox-OHearn via RT wrote:
> Dear OpenSSL folks:
>
> I'm one of the authors of the BLAKE2 hash function
> (https://blake2.net). I've been working with the maintainers of GNU
> coreutils to make a tool named "b2sum", which I hope will eventually
> replace md5sum.
>
> md5sum is the most widely-used tool in the world for data integrity
> but, as you know, MD5 is weak in ways that could endanger the users of
> md5sum, depending on how they use it. I want to see md5sum phased out
> entirely in our lifetimes!
>
> BLAKE2 is a secure hash function, while being faster than MD5 (at
> least on 64-bit CPUs). BLAKE2 is being used in new software projects
> (https://blake2.net/#us) and there is recently an Internet Draft to
> specify it
> (https://datatracker.ietf.org/doc/draft-saarinen-blake2/?include_text=1).
>
> One of the coreutils maintainers suggested that we should ask OpenSSL
> to add BLAKE2, because coreutils itself will probably just use a
> portable C implementation, but it would use an optimized
> implementation if openssl provided it. Here's that thread:
> http://lists.gnu.org/archive/html/coreutils/2015-06/msg00011.html
>
> We, the BLAKE2 maintainers, offer both reference C code and optimized
> implementations: https://blake2.net/#dl . There are also other
> implementations with various virtues available: https://blake2.net/#sw
>
> Here's my blog post extolling the virtues of BLAKE2 as a
> high-performance hash function:
>
> https://leastauthority.com/blog/BLAKE2-harder-better-faster-stronger-than-MD
> 5.html
>
how resistant is it against side channel attacks?
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150608/3f0b7f57/attachment-0001.sig>
More information about the openssl-dev
mailing list