Fossil

Check-in [3b17294d]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a typo in the hashpolicy.wiki document.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 3b17294dfe5b48365edf4c0287e28698dad2ac8c17f0a171d6e9346d446d10a6
User & Date: drh 2019-01-07 01:32:14.167
Context
2019-01-08
19:08
Restore the ability to delete a wiki page. ... (check-in: e947378e user: drh tags: trunk)
2019-01-07
01:32
Fix a typo in the hashpolicy.wiki document. ... (check-in: 3b17294d user: drh tags: trunk)
2019-01-06
04:27
Updated the hash policy document, mainly to put it in past tense and to cover the current situation. ... (check-in: df8baf94 user: wyoung tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to www/hashpolicy.wiki. 
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52


In Fossil version 2.0 ([/timeline?c=version-2.0|2017-03-03]),
the internal SHA1 implementation was changed from a generic
FIPS PUB 180-4 SHA1 implementation to a "Hardened SHA1"
[[https://github.com/cr-marcstevens/sha1collisiondetection|1]]
[[https://marc-stevens.nl/research/papers/C13-S.pdf|2]].

The Hardened SHA1 implement automatically detects when the artifact
being hashed is specifically designed to exploit the known weaknesses
in the SHA1 algorithm, and when it detects such an attack it changes
the hash algorithm (by increasing the number of rounds in the compression
function) to make the algorithm secure again.  If the attack detection
gets a false possible, that means that Hardened SHA1 will get a different
answer than the standard FIPS PUB 180-4 SHA1, but the creators of
Hardened SHA1 (see the second paper








|








38
39
40
41
42
43
44
45
46
47
48
49
50
51
52


In Fossil version 2.0 ([/timeline?c=version-2.0|2017-03-03]),
the internal SHA1 implementation was changed from a generic
FIPS PUB 180-4 SHA1 implementation to a "Hardened SHA1"
[[https://github.com/cr-marcstevens/sha1collisiondetection|1]]
[[https://marc-stevens.nl/research/papers/C13-S.pdf|2]].

The Hardened SHA1 algorithm automatically detects when the artifact
being hashed is specifically designed to exploit the known weaknesses
in the SHA1 algorithm, and when it detects such an attack it changes
the hash algorithm (by increasing the number of rounds in the compression
function) to make the algorithm secure again.  If the attack detection
gets a false possible, that means that Hardened SHA1 will get a different
answer than the standard FIPS PUB 180-4 SHA1, but the creators of
Hardened SHA1 (see the second paper