From owner-freebsd-security  Thu Apr 19 20:33:57 2001
Delivered-To: freebsd-security@freebsd.org
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
	by hub.freebsd.org (Postfix) with ESMTP id 0329337B423
	for <freebsd-security@FreeBSD.ORG>; Thu, 19 Apr 2001 20:33:54 -0700 (PDT)
	(envelope-from wollman@khavrinen.lcs.mit.edu)
Received: (from wollman@localhost)
	by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id XAA44812;
	Thu, 19 Apr 2001 23:33:39 -0400 (EDT)
	(envelope-from wollman)
Date: Thu, 19 Apr 2001 23:33:39 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Message-Id: <200104200333.XAA44812@khavrinen.lcs.mit.edu>
To: Rob Simmons <rsimmons@wlcg.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Tripwire or the like for FreeBSD ?
In-Reply-To: <20010419232353.R85568-100000@mail.wlcg.com>
References: <Pine.BSF.4.33.0104201312460.14592-100000@backup.af.speednet.com.au>
	<20010419232353.R85568-100000@mail.wlcg.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


> Is there a reason to use md5, sha1, and ripemd160 together?  I would think
> ripemd160digest alone would be sufficient.

Of course.  If someone breaks one of the crypto hash algorithms, it is
likely that the discovery will not be immediately applicable to other
algorithms, so the other checksums will still be of some value.

(Hmmm.  I wonder how susceptible these hash algorithms are to quantum
computation...?)

-GAWollman


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message