Unsolved
This post is more than 5 years old
40 Posts
0
2058
Why not SHA1?
I'm curious. Why was SHA0 selected over SHA1 for Atmos checksums? I am far from an encryption expert but a quick look online indicates that SHA0 was discarded nearly 20 years ago and replaced with SHA1 due to a significant flaw in the SHA0 algorithm.
rbala1
222 Posts
0
August 4th, 2011 13:00
Mark,
Our checksum feature is designed to allow us to add other algorithms in the future, but the reason we started with SHA0 was based on a particular customer request.
Raj
amarcionek
56 Posts
0
August 18th, 2011 12:00
I'll second the request to add other schemes in the future.
Another neat thing would be to switch the way its handled. Right now, I have to calculate the checksum before I even send any data. This requires me to pass the whole object through the calculation and then send the data, meaning I have to pass through the data twice. It would be nice if I could calculate the checksum as I'm sending the object, meaing I only have to pass through the data once.
The way to do that would be to tell Atmos to calculate the checksum using algorithm A and return the checksum as a header in the response. As I'm streaming that data out, I pass it through my checksum function inline. I then compare the checksum in the header returned with the one I calculated before sending it out over the line, and if they differ, then something went wrong and I should delete the object and try again.
Its too bad HTTP doesn't have "footers" as well as headers so we could send trailing metadata!
DarrenSoothill
15 Posts
0
August 19th, 2011 02:00
Could you not manage the checksum yourself by adding it as metadata to the object.
You send the object to Atmosncalculating the checksum as you go and then add it as piece of custom metadata to the object.
Then when you read the object back you also read the custom metadata and calculate the checksum when reading back.
This way you can guarantee the data written to disk and retrieved across the network is exactly the same. You could also store the metadata locally with object ID.
amarcionek
56 Posts
0
August 19th, 2011 08:00
True. But I see 3 issues/inefficiencies:
JasonCwik
281 Posts
0
August 19th, 2011 12:00
I have a couple more alternatives for you too: