Hash upgradability

From Erights

Revision as of 02:09, 10 April 2010 by Kevin Reid (Talk | contribs)
Jump to: navigation, search

E integers have the operation cryptoHash/0 which performs a SHA-1 hash on the two's complement representation of the number. This will be an unfortunate permanent choice once SHA-1 is broken.

We should switch to an interface which acknowledges the need for hash algorithm upgrade.

Kevin Reid 17:30, 29 August 2009 (CDT)


  • Simple: rename cryptoHash to sha1Hash. Add other algorithms as desired. --Kevin Reid 17:30, 29 August 2009 (CDT)
Disadvantage of this: Does not allow code to be sensibly generic over hash algorithms without taking an arbitrary verb to call on Integer. --Kevin Reid 17:30, 29 August 2009 (CDT)
  • Define explicit hash algorithm objects, and provide a standard one which is SHA-1. Also add a provision to ask for the current recommended hash algorithm.
    • Simple: Hash function which takes and returns integers, just extracting the current cryptoHash/0 facility. --Kevin Reid 18:09, 29 August 2009 (CDT)
    • Complex: Also take the opportunity to handle (1) hash large data blocks or streams without turning them into integers first and (2) permit returning an array of octets rather than a big integer as the result, when this is more directly useful. See HashAlgorithm for a proposed protocol. --Kevin Reid 18:09, 29 August 2009 (CDT)


Designation of hash algorithms by programs, if part of the solution to this issue, should use some sort of well-defined namespace. See this friam list thread: Apr 2, 2010 for discussion. David Hopwood's Standard Cryptographic Algorithm Naming is the right sort of thing, but not being maintained.

Personal tools
more tools