[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Monotone-devel] Hash collisions resiliency

From: tekHedd
Subject: Re: [Monotone-devel] Hash collisions resiliency
Date: Wed, 13 Apr 2005 20:56:36 -0700
User-agent: Mozilla Thunderbird 1.0.2 (X11/20050330)

Hash: SHA1

Nathan Myers wrote:
> On Wed, Apr 13, 2005 at 03:22:14PM -0700, J C Lawrence wrote:
> So, if you're a billion billion billion times more worried about a 
> hash collision than about your whole family dying in a car collision, 
> then maybe monotone isn't for you.

A good point, and oen that has been (heh) rehashed on the list over and
over. However, there are two aspects to risk management:

  1) Knowing what the odds of failure are, and minimizing that chance

  2) Understanding what is at risk. Knowing _what_ you lose when you
     lose), minimizing the loss, and having a plan for dealing with
     it if it happens.

I've seen #1 exhaustively discussed, and of course we all can see that
the risk is pretty darn amazingly close to 0. Sadly, as long as it is
not _exactly_ 0, a discussion of failure modes is appropriate.

(Or have you never considered what would happen in the unlikely
situation where you are driving your family across town and your car is
in a terrible accident? If you have, you may have purchased something
called insurance.) (Is it just me, or are these analogies getting
gruesome? :o )

Once a (hypothetical) hash key conflict is actually detected, it can be
solved by switching to a (hypothetical) new algorithm. I am cool with
this. It is good. The unanswered question is: what damage can occur
before the conflict is detected? I would love to have these questions

  1) How long can you run with a duplicate key before monotone will
     simply refuse to work?

  2) How much damage could this cause? If undetected for some time (and
     the program doesn't crash), would more damage follow?

Of course a duplicate hash will never happen, but if it does, I promise
you it will happen to me. :)

tom "lost his root partition to hardware failure last month" surace
- --
Tom Surace                )                 ,~~v~~,
address@hidden    )                ,`.   .`, ) ------------- ===  +  === ---
                                       Hamster was here
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -


reply via email to

[Prev in Thread] Current Thread [Next in Thread]