On Sat, Sep 19, 2009 at 11:50:35AM -0400, Andrew Dunstan wrote:
>
>
> David Fetter wrote:
>> I suggest that we start by putting secure hashing algorithms into the
>> core distribution so, should MD5 ever break, we have real
>> alternatives, and not done in a panic.
>
> Doing that now would be quite premature. Which algorithm would we choose?
>
> And there is no urgency at all about it, since AIUI an attack on our use
> of it would require a preimage attack:
>
> At the time of this writing, there are no practical preimage
> attacks, meaning that if your use of hashes is only susceptible to
> preimage attacks, even MD5 is just fine because at attacker would
> have to make 2^128 guesses, which will be infeasable for many
> decades (if ever). (quoted from <http://www.vpnc.org/hash.html>)
>
>
> The time for us to look at this again is more properly when the NIST
> SHA-3 competition ends, I believe. That's at least a couple of years
> away. See <http://csrc.nist.gov/groups/ST/hash/timeline.html>
OK
> As for the suggestion that we should put other crypto functions into
> the core, AIUI the reason not to is not to avoid problems with US
> Export Regulations (after all, we've shipped source tarballs with
> it for many years, including from US repositories), but to make it
> easier to use Postgres in places where use of crypto is illegal.
To date, I have not found an example of such a place. For the record,
would you or anyone seeing this be so kind as to provide one, along
with some kind of evidence that somewhere, such a law has actually
been enforced?
> What benefit would we gain from making general crypto part of the
> core?
People may wish to encrypt things in the database.
Cheers,
David.
--
David Fetter <david@fetter.org> http://fetter.org/
Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter
Skype: davidfetter XMPP: david.fetter@gmail.com
Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate