zfs discuss - Feb 2010 - Different Hash algorithm

Hello,

while writing some articles about dedup, hashes and ZFS for my blog,  i asked
myself: When fletcher4 is fast, but collision prone and sha256 is slower, but
relatively secure, wouldn''t it be reasonable to integrate Skein
(http://www.schneier.com/skein.pdf) into ZFS to yield faster checksumming as
well as a reduced probability of false positive deduplications due to hash
collisions?

Regards
 Joerg

--
Joerg Moellenkamp             Tel: (+49 40) 25 15 23 - 460
Principal Field Technologist  Fax: (+49 40) 25 15 23 - 425
Sun Microsystems GmbH         Mobile: (+49 172) 83 18 433
Nagelsweg 55                  mailto:joerg.moellenkamp at sun.com
D-20097 Hamburg               Website: http://www.sun.de
                       	      Blog: http://www.c0t0d0s0.org

Sitz der Gesellschaft:    
        Sun Microsystems GmbH
        Sonnenallee 1
        D-85551 Kirchheim-Heimstetten
        Amtsgericht M?nchen HRB 161028

Gesch?ftsf?hrer:            
        Thomas Schr?der
        Wolfgang Engels
        Wolf Frenkel
Vorsitzender des Aufsichtsrates: 
        Martin H?ring

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mail.opensolaris.org/pipermail/zfs-discuss/attachments/20100207/761ddadf/attachment.html>

On 07/02/2010 20:07, Joerg Moellenkamp wrote:
> Hello,
>
> while writing some articles about dedup, hashes and ZFS for my blog, i
> asked myself: When fletcher4 is fast, but collision prone and sha256 is
> slower, but relatively secure, wouldn''t it be reasonable to
integrate
> Skein (http://www.schneier.com/skein.pdf) into ZFS to yield faster
> checksumming as well as a reduced probability of false positive
> deduplications due to hash collisions?
If Skein passes the cryptanlaysis for the SHA3 competition being run by 
NIST and is the winner of that competition or is otherwise considered 
sounds by the crypto community then yes until then I think it is 
premature to do so as it is a very new algorithm.

-- 
Darren J Moffat

On Feb 7, 2010, at 15:10, Darren J Moffat wrote:
> On 07/02/2010 20:07, Joerg Moellenkamp wrote:
>> Hello,
>>
>> while writing some articles about dedup, hashes and ZFS for my  
>> blog, i
>> asked myself: When fletcher4 is fast, but collision prone and  
>> sha256 is
>> slower, but relatively secure, wouldn''t it be reasonable to
integrate
>> Skein (http://www.schneier.com/skein.pdf) into ZFS to yield faster
>> checksumming as well as a reduced probability of false positive
>> deduplications due to hash collisions?
>
> If Skein passes the cryptanlaysis for the SHA3 competition being run  
> by NIST and is the winner of that competition or is otherwise  
> considered sounds by the crypto community then yes until then I  
> think it is premature to do so as it is a very new algorithm.
A new attack on Threefish (which Skein is based on) was recently  
announced:

	http://www.schneier.com/blog/archives/2010/02/new_attack_on_t.html

Any reason why the OP prefers Skein over any of the other SHA-3  
candidates?

	http://en.wikipedia.org/wiki/NIST_hash_function_competition

Well, it''s an attack, right?  Neither Skein nor Threefish has been
compromised.
In fact, this is what you want to see - researchers attacking an algorithm
which
goes a long way toward furthering or proving the security of said
algorithm.  I
think I agree with Darren overall, but this still looks promising because
these
researchers, while attacking Threefish and clearly finding some way to
simplify
a further attack, have still not managed to compromise it.  Exposing the
algo
to the scrutiny of the community will either help strengthen it, or expose
its
weakness, and all will be better as a result (in theory).

I am now curious, though, along with David, as to the reason Skein in
particular
was pointed out?  Is there any particular reason, or is it just that Joerg
came
across it while working on his blog posts?  There may not be a reason, which
is
perfectly fine, but for the sake of curiosity, if there is one, please share
Joerg.

On Sun, Feb 7, 2010 at 15:53, David Magda <dmagda at ee.ryerson.ca> wrote:
>
> On Feb 7, 2010, at 15:10, Darren J Moffat wrote:
>
>  On 07/02/2010 20:07, Joerg Moellenkamp wrote:
>>
>>> Hello,
>>>
>>> while writing some articles about dedup, hashes and ZFS for my
blog, i
>>> asked myself: When fletcher4 is fast, but collision prone and
sha256 is
>>> slower, but relatively secure, wouldn''t it be reasonable
to integrate
>>> Skein (http://www.schneier.com/skein.pdf) into ZFS to yield faster
>>> checksumming as well as a reduced probability of false positive
>>> deduplications due to hash collisions?
>>>
>>
>> If Skein passes the cryptanlaysis for the SHA3 competition being run by
>> NIST and is the winner of that competition or is otherwise considered
sounds
>> by the crypto community then yes until then I think it is premature to
do so
>> as it is a very new algorithm.
>>
>
> A new attack on Threefish (which Skein is based on) was recently announced:
>
>        http://www.schneier.com/blog/archives/2010/02/new_attack_on_t.html
>
> Any reason why the OP prefers Skein over any of the other SHA-3 candidates?
>
>        http://en.wikipedia.org/wiki/NIST_hash_function_competition
>
>
> _______________________________________________
> zfs-discuss mailing list
> zfs-discuss at opensolaris.org
> http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
>


-- 
"You can choose your friends, you can choose the deals." - Equity
Private

"If Linux is faster, it''s a Solaris bug." - Phil Harman

Blog - http://whatderass.blogspot.com/
Twitter - @khyron4eva
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mail.opensolaris.org/pipermail/zfs-discuss/attachments/20100207/55e71307/attachment.html>