lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 22 Nov 2016 16:40:29 +0000
From:   David Howells <dhowells@...hat.com>
To:     Joe Perches <joe@...ches.com>
Cc:     dhowells@...hat.com, Lukas Wunner <lukas@...ner.de>,
        linux-efi@...r.kernel.org, linux-security-module@...r.kernel.org,
        keyrings@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/6] x86/efi: Allow invocation of arbitrary runtime services

Joe Perches <joe@...ches.com> wrote:

> Umm, no, that's not correct.
> SHA-1 lengths of 12 are unique for quite awhile yet.
> 
> https://blog.cuviper.com/2013/11/10/how-short-can-git-abbreviate/

The article says:

	1.9% at 12

which is for 3253824 objects (I get 1.86%).

However, that was three years ago, and we now have over five million objects,
so the collision possibility is 4.5% now.

If we add another 2 million over the next three years, then the probability
will be over 8% then.

I've attached my spreadsheet for you to have a look at.

> No.  Use --format=email as appropriate instead.

Fix checkpatch.  This is an entirely reasonable supposition.

David


Download attachment "birthday-problem.ods" of type "application/vnd.oasis.opendocument.spreadsheet" (10627 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ