search

libressl / portable

LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to tech@openbsd.org are welcome.
https://www.libressl.org
1.35k stars 269 forks source link

Add support for Blake2 #199

Open yonas opened 8 years ago

yonas commented 8 years ago

OpenSSL 1.1.0 will be shipping with Blake2 support:

https://github.com/openssl/openssl/commit/208527a75dd9584e2715c0eebcfad8c730d0dfae https://github.com/openssl/openssl/pull/566

bob-beck commented 8 years ago

OpenSSL also ships with many wonderful things we have either deleted, or are waiting to see if they are viable and worth the attack surface. Do you have an actual use case for this? If so we will consider it

zookozcash commented 8 years ago

(Disclosure: I'm one of the co-authors of BLAKE2.)

My use of BLAKE2 is in the Proof-of-Work in our upcoming cryptocurrency — https://z.cash . However, our current implementation doesn't use openssl or libressl — it uses libsodium instead.

Here is a list of crypto libraries and whether or not they support BLAKE2. Someone should add libressl to this matrix. :-) https://en.wikipedia.org/wiki/Comparison_of_cryptography_libraries#Hash_functions

Here are some other people's uses of BLAKE2: https://blake2.net/#us

Here is my argument for why BLAKE2 is great for a whole class of use cases that SHA2 and SHA3 are not good for, namely the "Big Data" use cases: https://blake2.net/acns/slides.html

In fact, MD5 and SHA1 continue to be the most widely-used hash functions for the "Big Data" use cases, even in new designs!

Note that the performance numbers in those slides are obsolete — modern BLAKE2 implementations have even better performance than is shown there.

yonas commented 8 years ago

Totally forgot to come back to this. Thanks @zookozcash !

yonas commented 8 years ago

@bob-beck Will the LibreSSL team add support for Blake2? What is the timeline for this?

DemiMarie commented 7 years ago

Blake2 is used by libsodium as well as Argon2.

omasanori commented 5 years ago

WireGuard also uses BLAKE2. (IPsec vs. OpenVPN vs. WireGuard is an entirely different topic here, though.) Some package management systems like Portage and FreeBSD pkg also support the algorithm for package metadata.

Since BLAKE2 (and its predecessor) shares the core operation with ChaCha which is already available in LibreSSL and used as arc4random in recent OpenBSD, the hash algorithm itself seems not so exotic to LibreSSL. The final decision is, however, up to you, of course.

tiran commented 4 years ago

CPython ships with copies of BLAKE2 and SHA3 implementations. As maintainer of Python's hashlib and ssl stdlib modules I'm planning to remove the copy and use SHA3 and BLAKE2 from libcrypto. OpenSSL supports both algorithm families in OpenSSL 1.1.1 and BLAKE2 MAC since 3.0.0.

Also see https://github.com/libressl-portable/portable/issues/455