Re: SHA-3 in libc

To: paul%whooppee.com@localhost
Subject: Re: SHA-3 in libc
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Sat, 13 Dec 2014 10:05:47 -0500

On Dec 13, 10:54pm, paul%vps1.whooppee.com@localhost (Paul Goyette) wrote:
-- Subject: Re: SHA-3 in libc

| On Sat, 13 Dec 2014, Christos Zoulas wrote:
| > What would be the plan if the standard changes, and the functions are
| > made to compute different output? How are we going to recognize good
| > vs. broken versions of the functions.
| 
| Well since the proposal included what appears to be a reasonable set of 
| ATF tests, one would assume that if the standard changes and the results 
| are different, the tests would detect the change.  (Assuming of course 
| that the tests and their golden-output also get updated.)  One could 
| even retain the existing golden-outputs (which would be not-so-golden 
| after such a change) and use them to report specifically that the tests 
| are not just wrong but that they conform to the earlier standard.
| 
| Or did I misunderstand your question?

How would a package detect it has a broken SHA3 implementation and
avoid using it? Running its unit tests?

christos

References:
- Re: SHA-3 in libc
  - From: Paul Goyette

Prev by Date: Re: SHA-3 in libc
Next by Date: Re: SHA-3 in libc
Previous by Thread: Re: SHA-3 in libc
Next by Thread: Re: SHA-3 in libc
Indexes:

Home | Main Index | Thread Index | Old Index