Eliminating Tiger dependencies in ADC

A previous post describes how ADC depends on the Tiger hash algorithm and suggests that such a rigid dependency should not exist. ADC refers to one specific hash algorithm that, despite current integrity, could lose such and would currently leave the broader protocol unacceptably broken. Other protocols, such as SSH and TLS, tend to parameterize over available cryptographic primitives, negotiating which to use during handshaking. By contrast, if Tiger is broken with ADC in its current state, it will likely be attacked, thus undermining the integrity of the DC network even more than Mediasentry has already attempted. To avoid this, one should change the hash primitive, for example to SHA2 or a future SHA3, depending on breakage timeline.

Most of the dependencies, which largely lie in encoded hash length and areas constrained by namespaces, trivially coexist: for a few versions, ADC clients would support both, maintaining the old one for hash compatibility and the new one going forward, for future clients which would support only the new hash. Password verification and hashing PID to CID, by contrast, pose the most substantial barriers to such modification due to their occurring before any negotiation between hub and client save SUP can occur. Thus, adapting ADC to non-Tiger hashes would most felicitously involve adding explicit SUP strings for hash primitives.

Until the latest ADC specification change, BASE implied support for both the handshaking and message transfer as well as the Tiger hash primitive. It now solves the problem described by splitting out the latter as TIGR support. Thus, if Tiger must be depreciated, just as the dual namespaces would allow filelist addressing and other command parameters to support a transition period between hashes, so would support for TIGR and, for example, SHA2 smoothly support such a change.

Don’t forget that you can make topic suggestions for blog posts in our “Blog Topic Suggestion Box!”

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: