coreutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sort dynamic linking overhead


From: Pádraig Brady
Subject: Re: sort dynamic linking overhead
Date: Mon, 26 Feb 2024 14:12:49 +0000
User-agent: Mozilla Thunderbird

On 26/02/2024 06:44, Yann Collet wrote:
  * xxhash128 is not a cryptographic hash function, so it doesn't attempt tobe 
random.

Just a correction : xxh128 does try to be random. And quite hardly: a 
significant amount of development is spent on ensuring this property.

It’s even tested with PractRand, and it could be used as a good random number 
generator.

Being non-cryptographic means that what it doesn’t try is to make sure no one 
can intentionally forge a hash collision from 2 different files (other than 
brute-forcing, which is impractical).

But that’s different, and I wouldn’t call this property “randomness”, even 
though randomness is a pre-requisite (but not sufficient in itself) to 
collision resistance.

Right. I was looking at both md5 and xxhash128 having a 10 quality score in the 
SMHasher metric.
I even saw a comment from you Yann that xxhas128 may have slightly better 
dispersion than md5.
Also md5 shouldn't be considered as cryptographic anyway since it's broken.
I.e. I don't think users would need to be informed of this change if made.

Re Paul's committed patch, it's a good improvement, and does not add a new 
(xxhash) dependency.
Paul, should the configure check, be testing for the MD5 routines rather than 
SHA512?
Also an entry in the Improvements section of NEWS would be appropriate.

thanks!
Pádraig




reply via email to

[Prev in Thread] Current Thread [Next in Thread]