Fossil

Check-in [3b17294d]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix a typo in the hashpolicy.wiki document.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 3b17294dfe5b48365edf4c0287e28698dad2ac8c17f0a171d6e9346d446d10a6
User & Date: drh 2019-01-07 01:32:14
Context
2019-01-08
19:08
Restore the ability to delete a wiki page. check-in: e947378e user: drh tags: trunk
2019-01-07
01:32
Fix a typo in the hashpolicy.wiki document. check-in: 3b17294d user: drh tags: trunk
2019-01-06
04:27
Updated the hash policy document, mainly to put it in past tense and to cover the current situation. check-in: df8baf94 user: wyoung tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to www/hashpolicy.wiki.

    38     38   
    39     39   In Fossil version 2.0 ([/timeline?c=version-2.0|2017-03-03]),
    40     40   the internal SHA1 implementation was changed from a generic
    41     41   FIPS PUB 180-4 SHA1 implementation to a "Hardened SHA1"
    42     42   [[https://github.com/cr-marcstevens/sha1collisiondetection|1]]
    43     43   [[https://marc-stevens.nl/research/papers/C13-S.pdf|2]].
    44     44   
    45         -The Hardened SHA1 implement automatically detects when the artifact
           45  +The Hardened SHA1 algorithm automatically detects when the artifact
    46     46   being hashed is specifically designed to exploit the known weaknesses
    47     47   in the SHA1 algorithm, and when it detects such an attack it changes
    48     48   the hash algorithm (by increasing the number of rounds in the compression
    49     49   function) to make the algorithm secure again.  If the attack detection
    50     50   gets a false possible, that means that Hardened SHA1 will get a different
    51     51   answer than the standard FIPS PUB 180-4 SHA1, but the creators of
    52     52   Hardened SHA1 (see the second paper