Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.
|Comment:||Fix a typo in the hashpolicy.wiki document.|
|Downloads:||Tarball | ZIP archive | SQL archive|
|Timelines:||family | ancestors | descendants | both | trunk|
|Files:||files | file ages | folders|
|User & Date:||drh 2019-01-07 01:32:14|
|19:08||Restore the ability to delete a wiki page. check-in: e947378e user: drh tags: trunk|
|01:32||Fix a typo in the hashpolicy.wiki document. check-in: 3b17294d user: drh tags: trunk|
|04:27||Updated the hash policy document, mainly to put it in past tense and to cover the current situation. check-in: df8baf94 user: wyoung tags: trunk|
Changes to www/hashpolicy.wiki.
38 38 39 39 In Fossil version 2.0 ([/timeline?c=version-2.0|2017-03-03]), 40 40 the internal SHA1 implementation was changed from a generic 41 41 FIPS PUB 180-4 SHA1 implementation to a "Hardened SHA1" 42 42 [[https://github.com/cr-marcstevens/sha1collisiondetection|1]] 43 43 [[https://marc-stevens.nl/research/papers/C13-S.pdf|2]]. 44 44 45 -The Hardened SHA1 implement automatically detects when the artifact 45 +The Hardened SHA1 algorithm automatically detects when the artifact 46 46 being hashed is specifically designed to exploit the known weaknesses 47 47 in the SHA1 algorithm, and when it detects such an attack it changes 48 48 the hash algorithm (by increasing the number of rounds in the compression 49 49 function) to make the algorithm secure again. If the attack detection 50 50 gets a false possible, that means that Hardened SHA1 will get a different 51 51 answer than the standard FIPS PUB 180-4 SHA1, but the creators of 52 52 Hardened SHA1 (see the second paper