<alexgordon>
oops that was longer than I expected :P
<alexgordon>
-_-
<devyn>
lol
<purr>
lol
<joelteon>
(._. )
<devyn>
alexgordon: I think it might be for the new short-chaining thing where it doesn't have to have the entire history of the chain
<devyn>
idk
<devyn>
but for that they'd definitely want a very secure digest
<devyn>
SHA512 works
<devyn>
:p
<alexgordon>
I guess
<alexgordon>
it's a bit weird
<alexgordon>
if you wanted it to be fast, why not use a modern HMAC like blake2
<alexgordon>
otherwise might as well stick with HMAC-SHA-1, it's not terrible
<devyn>
you don't necessarily want fast
<alexgordon>
you almost always do
<alexgordon>
:P
<alexgordon>
for a MAC at least
<devyn>
also, in cryptography, new = bad
<devyn>
unless the old one is horribly broken
<alexgordon>
well exactly, so if they were using HMAC-SHA-1 before no reason not to stick with it
<alexgordon>
I think it might actually be faster, not sure
<devyn>
well, SHA512 *is* more secure than SHA-1, provably
<alexgordon>
so far, not in an HMAC
<alexgordon>
as in, they're both more or less the same, security wise
<devyn>
theoretically, with a secure algorithm like SHA, the more bits the more secure...
<devyn>
so it doesn't matter if in the real world it doesn't matter
<devyn>
:p
* devyn
shrugs
<purr>
¯\(º_o)/¯
<alexgordon>
blake2 is pretty much the state of the art right now, in software. It's likely more secure than SHA-512 and it's way quicker than doing HMAC-SHA-512
<devyn>
*likely*
<devyn>
cryptography is a time game
cloudhead has quit [Ping timeout: 256 seconds]
<devyn>
same reason scrypt isn't used all that much yet
<alexgordon>
well it was a SHA-3 finalist (or at least, the original BLAKE was)
<devyn>
it hasn't been around long enough
<alexgordon>
I don't think anybody seriously doubts it's secure.
<devyn>
and I'm saying that that doesn't actually matter, because when it's absolutely critical that something be secure, it's best to use something that has withstood the test of time
<alexgordon>
anyway this is way more than I intended to say on the matter :P
<devyn>
:p
<alexgordon>
just think it's a weird no-man's land
<devyn>
even the most brilliant cryptographers miss things sometimes, and they only appear maybe a decade later
<devyn>
anyway
<devyn>
alexgordon: I think it's funny that what bitcoin might end up doing is actually making SHA unusable with this constant drive for better crypto hardware
<alexgordon>
unusable how
<devyn>
as in, if the crypto hardware gets good enough that bitcoin has to switch algorithms, that also means no one should really be using that algorithm,
<devyn>
because the hardware is around to break it
<alexgordon>
nobody's going to brute force sha-1 :P
<alexgordon>
oh you mean for passwords?
<devyn>
passwords would be one thing yeah
<alexgordon>
yeah it's bad for all the people using PBKDF2/SHA-1 (or worse like SHA-1 on its own)
<alexgordon>
because now you can buy off-the-shelf hardware that can do trillions of SHA-1s per second
<alexgordon>
no doubt the NSA has this stuff
<alexgordon>
but now everybody has it
<devyn>
yeah. it's hilarious to me, because it's the same thing that happens with anything financial
<alexgordon>
before, the most criminals could get was an FPGA
<devyn>
resources get raped
<devyn>
in this case, the resource is a crypto algorithm
<devyn>
it's funny
<alexgordon>
serves them right though :P
<alexgordon>
scrypt for passwords!
<devyn>
or bcrypt, but scrypt is almost certainly a better choice
<alexgordon>
devyn: hm actually it is quite worrying because I would expect most encryption software uses PBKDF2/SHA-1 for turning a password into an encryption key
<devyn>
I know
<devyn>
oil vs. the environment all over again
<alexgordon>
so any files encrypted with passwords are just going to edge closer to being broken!
<alexgordon>
(short to medium passwords)
<alexgordon>
I wonder if the NSA has partnerships with, like, Intel for custom cracking hardware
<alexgordon>
I doubt they have their own fabs!
<devyn>
alexgordon: they probably subcontract all of the hardware, but idk
yorick has quit [Remote host closed the connection]