Re: ANNOUNCE: SHA-224 in Digest::SHA

From: Brian Gladman (brg_at_nowhere.at.all)
Date: 01/01/04 

Date: Thu, 1 Jan 2004 15:05:27 -0000

"Mark Shelor" <mshelor@comcast.removeme.net> wrote in message
news:zdqdnX7bnqxJummiRVn-vg@comcast.com...
> Brian Gladman wrote:
>
[snip]
> > Of course, this does not rule out bit-string support but it does suggest
> > that this is the sort of functionality that ought to be controlled at
> > compile time so that it is only implemented in situations where it is
> > actually needed.
>
>
> No, I don't agree with you on this point. Conditional compilation is a
> killer: it makes software very difficult to maintain, and exponentially
> increases the labor and uncertainty of testing. The Digest::SHA module
> uses Single-Point-Of-Truth (SPOT) principles to reduce complexity, with
> the consequence that all data is handled in exactly the same way. To
> begin distinguishing between bit-oriented and byte-oriented routines
> would completely annihilate this uniformity.

I think this is an issue where a balance has to be struck. If there are a
large number compile time options, especially ones that interact, then I
would certainly agree with you. But having a single compile time option to
enable/disable bit-level hashing support in SHA should not cause any
significant maintenance issues provided that the code and the testing
strategy has been developed with this in mind.

However, since I don't support bit-level hashing in my SHA code, it should
be clear that I have sympathy with the view expressed by Roger that the best
security option for applications that don't require bit-level hashing is
most likely to be the adoption of an implementation that does not offer this
functionality in any form.

[snip]
   Brian Gladman

Relevant Pages