From owner-freebsd-security Thu Apr 19 20:46:48 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.wlcg.com (mail.wlcg.com [207.226.17.4]) by hub.freebsd.org (Postfix) with ESMTP id 8DFCA37B424 for ; Thu, 19 Apr 2001 20:46:42 -0700 (PDT) (envelope-from rsimmons@wlcg.com) Received: from localhost (rsimmons@localhost) by mail.wlcg.com (8.11.3/8.11.3) with ESMTP id f3K3kBe86404; Thu, 19 Apr 2001 23:46:11 -0400 (EDT) (envelope-from rsimmons@wlcg.com) Date: Thu, 19 Apr 2001 23:46:07 -0400 (EDT) From: Rob Simmons To: Garrett Wollman Cc: Subject: Re: Tripwire or the like for FreeBSD ? In-Reply-To: <200104200333.XAA44812@khavrinen.lcs.mit.edu> Message-ID: <20010419234434.S86364-100000@mail.wlcg.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 That is true. Maybe in the interest of lower overhead two algorithms could be used. Drop md5? Robert Simmons Systems Administrator http://www.wlcg.com/ On Thu, 19 Apr 2001, Garrett Wollman wrote: > > > Is there a reason to use md5, sha1, and ripemd160 together? I would think > > ripemd160digest alone would be sufficient. > > Of course. If someone breaks one of the crypto hash algorithms, it is > likely that the discovery will not be immediately applicable to other > algorithms, so the other checksums will still be of some value. > > (Hmmm. I wonder how susceptible these hash algorithms are to quantum > computation...?) > > -GAWollman > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE637EDv8Bofna59hYRAwqxAKCMIv618djie1lLNu2svERd5dseHACcDeFp Gu/gh/I5OVPM4UemRhWpBoU= =lxVG -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message