SHA1 collisions make Git vulnerable to attacks by third parties, not just repo maintainers



Summary:

The author suggests hashing files continuously, rather than hashing the intermediate steps, as a way to help whatever hash function is being used for objects that are not frozen but still being extended. This is not offered as a workaround to fix SHA1, which will be dead sooner or later, but as a general concept. The drawback is that the hash state has to be kept when closing the latest hash computation so that the next one can start from it. The question then becomes whether knowing the hash state makes it easy to find a collision between two files that will be computed in the next round. The author believes it is much more difficult. The suggestion is presented as an idea that might be explored, and the code is available if needed. The author expresses disappointment that this subject does not receive enough attention, is apparently used by only one project in the world, and is not supported by any library.

A response to the email, posted by Tim Ruffing, rejects the suggestion because it relies on the idea that specific collisions are more difficult to find. The response suggests that even if certain collisions are more difficult to find today, someone will prove that wrong in a year. The email ends with a call to get rid of SHA1 and switch to a new hash function.
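The continuous-hashing idea summarized above, sketched as an added example that is not code from the thread or its author. SHA-256 stands in for "whatever hash function is being used", the chained variant is an assumed reading of "hashing the intermediate steps", and the names `ContinuousHash`, `continuous_digests` and `chained_digests` are hypothetical.

```python
import hashlib


class ContinuousHash:
    """Running hash over an object that keeps growing (e.g. an append-only file)."""

    def __init__(self, algo="sha256"):
        # The live hash object is the state that must be kept between rounds.
        self._state = hashlib.new(algo)

    def extend(self, chunk: bytes) -> str:
        """Absorb newly appended bytes and return the digest of everything so far."""
        self._state.update(chunk)
        # Finalise a copy so the retained state can keep absorbing later chunks.
        return self._state.copy().hexdigest()


def continuous_digests(chunks, algo="sha256"):
    """Digest after each append, computed from one retained hash state."""
    h = ContinuousHash(algo)
    return [h.extend(c) for c in chunks]


def chained_digests(chunks, algo="sha256"):
    """Assumed reading of 'hashing the intermediate steps': each round hashes
    the previous round's digest together with the new chunk."""
    prev = b""
    out = []
    for chunk in chunks:
        prev = hashlib.new(algo, prev + chunk).digest()
        out.append(prev.hex())
    return out


# Constructed sample: three appends to one growing file.
CHUNKS = [b"entry 1\n", b"entry 2\n", b"entry 3\n"]

if __name__ == "__main__":
    rows = zip(continuous_digests(CHUNKS), chained_digests(CHUNKS))
    for i, (cont, chain) in enumerate(rows, 1):
        # Round 1 matches; later rounds diverge because chaining hashes digests,
        # while the continuous form always equals the hash of the whole file.
        print(i, cont[:16], chain[:16])
```

Python's `hashlib` can copy a state in memory but cannot serialize it, so keeping the state across processes needs other tooling.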


Updated on: 2023-06-11T21:50:01.452935+00:00