You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@iotdb.apache.org by GitBox <gi...@apache.org> on 2020/11/13 17:51:38 UTC
[GitHub] [iotdb] asdf2014 opened a new pull request #2047: Use SHA-256 instead of MD5 for less hash collision and more safety
asdf2014 opened a new pull request #2047:
URL: https://github.com/apache/iotdb/pull/2047
FYI, the benchmark results of these digest algorithms from https://automationrhapsody.com/md5-sha-1-sha-256-sha-512-speed-performance/ .
| Hash | Case 1 (ms) | Case 2 (ms) | Case 3 (ms) | Case 4 (ms) | Case 5 (ms) | Case 6 (ms) |
| ------- | ----------- | ----------- | ----------- | ----------- | ----------- | ----------- |
| MD5 | 627.4 | 765.6 | 1488.8 | 839 | 1029.4 | 1738.2 |
| SHA-1 | 604 | 748.2 | 1325 | 916.8 | 1009.6 | 1632.4 |
| SHA-256 | 737.8 | 851 | 1504.4 | 1168.2 | 1260 | 1963.6 |
| SHA-512 | 1056.4 | 1158.8 | 1837.4 | 1118.4 | 1227.4 | 1923 |
The collision probability of `MD5` is too high, `SHA1` has been cracked by Google, and `SHA-512` is the most time-consuming. Therefore, SHA-256 is the best choice.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [iotdb] qiaojialin commented on pull request #2047: Use SHA-256 instead of MD5 for less hash collision and more safety
Posted by GitBox <gi...@apache.org>.
qiaojialin commented on pull request #2047:
URL: https://github.com/apache/iotdb/pull/2047#issuecomment-729404601
@asdf2014 Hi, using digest is better! and please merge the master branch, the ci is fixed~
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [iotdb] qiaojialin commented on pull request #2047: Use SHA-256 instead of MD5 for less hash collision and more safety
Posted by GitBox <gi...@apache.org>.
qiaojialin commented on pull request #2047:
URL: https://github.com/apache/iotdb/pull/2047#issuecomment-727160333
Great! I found there is a lot of method names that contain "MD5", we may need to change them
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [iotdb] asdf2014 commented on pull request #2047: Use SHA-256 instead of MD5 for less hash collision and more safety
Posted by GitBox <gi...@apache.org>.
asdf2014 commented on pull request #2047:
URL: https://github.com/apache/iotdb/pull/2047#issuecomment-727597753
@qiaojialin Thanks for your comment. Yes, how about changing `md5` to `digest` in the constant or function name?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [iotdb] sonarcloud[bot] commented on pull request #2047: Use SHA-256 instead of MD5 for less hash collision and more safety
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on pull request #2047:
URL: https://github.com/apache/iotdb/pull/2047#issuecomment-729528564
Kudos, SonarCloud Quality Gate passed!
[<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug.png' alt='Bug' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=BUG) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=BUG)
[<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability.png' alt='Vulnerability' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=VULNERABILITY) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=VULNERABILITY) (and [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot.png' alt='Security Hotspot' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/i
ssues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=SECURITY_HOTSPOT) to review)
[<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell.png' alt='Code Smell' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=CODE_SMELL) [<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A.png' alt='A' width='16' height='16' />](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_incubator-iotdb&pullRequest=2047&resolved=false&types=CODE_SMELL)
[<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo.png' alt='No Coverage information' width='16' height='16' />](https://sonarcloud.io/component_measures?id=apache_incubator-iotdb&pullRequest=2047) No Coverage information
[<img src='https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3.png' alt='0.0%' width='16' height='16' />](https://sonarcloud.io/component_measures?id=apache_incubator-iotdb&pullRequest=2047&metric=new_duplicated_lines_density&view=list) [0.0% Duplication](https://sonarcloud.io/component_measures?id=apache_incubator-iotdb&pullRequest=2047&metric=new_duplicated_lines_density&view=list)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [iotdb] qiaojialin merged pull request #2047: Use SHA-256 instead of MD5 for less hash collision and more safety
Posted by GitBox <gi...@apache.org>.
qiaojialin merged pull request #2047:
URL: https://github.com/apache/iotdb/pull/2047
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org