Using different hash algorithm in purple_util_get_image_checksum()
Paul Aurich
paul at darkrain42.org
Wed Jul 1 01:18:14 EDT 2009
And Ethan Blanton spoke on 06/30/2009 07:56 PM, saying:
<snip/>
> We don't necessarily need a SHA-sized hash, but we need more than
> Adler32. I suggest, however, that there's not much in between that
> will have *practical* implementations which are faster than SHA. (SHA
> implementations in crypto libraries are heavily optimized, as are many
> Adler32 implementations. I am unaware of, for example, a 64-bit
> checksum or hashing function with similar widespread optimization.)
> It's possible that AES-128 would demonstrate benefit, or even DES with
> a 56-bit key; you might want to benchmark.
I believe we currently don't leverage the SSL libraries for hash functions,
which might be worth exploring. Or we might find out they're not
significantly faster than the current implementation.
>
> (In reality, I submit that we *do* need a cryptographically secure hash
> function.
<snip/>
+1 to the whole part I cut out.
> The saving grace here is ... nobody cares that much about buddy
> icons. Particularly now that Hulu is around.)
As this isn't an area where security is particularly important, we could
also use MD5, which is (for the moment still, I believe) resistant to
preimage attacks and faster than SHA1. : )
>
> Ethan
>
~Paul
More information about the Devel
mailing list