  1. Fabric
  2. FAB-887

Use SHA-2 as the default hash in all Hyperledger fabric components

    Details

    • Type: Story
    • Status: Closed
    • Priority: High
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: v1.0.0
    • Component/s: None
    • Labels:
      None
    • SDK Impact:
      Unset
    • System Test Impact:
      Unset
    • Documentation Impact:
      Unset

      Description

      To those of us looking at the Hyperledger fabric (HLF) from a hardware point
      of view, the current default of using SHA-3 for block hashing, and in other
      HLF proposals has been confusing for several reasons:

      1. According to NIST:

      "NIST encourages application and protocol designers to implement SHA-256
      at a minimum for any applications of hash functions requiring
      interoperability."

      "Currently there is no reason to transition applications from SHA-2 to
      SHA-3"

      http://csrc.nist.gov/groups/ST/hash/policy.html
      (Updated September 14, 2016)

      2. Current Intel, IBM and ARM server processors provide instruction set
      support for accelerating SHA256.

      3. Multiple vendors offer low-cost, low-power ASICs with validated
      implementations for accelerating current internet security standards that
      include SHA256. Components like these might also prove useful for accelerating
      HLF applications.

      4. Although it is not my area of expertise, I am not aware of any network
      security standards that require SHA-3. I do know that the latest draft of the
      TLSv1.3 specification does not mention SHA-3:

      https://tools.ietf.org/html/draft-ietf-tls-tls13-18
      (Updated October 26, 2016)

      We can speculate on whether or not we will see widespread hardware support for
      SHA-3 acceleration until or unless SHA-3 becomes part of such a standard.

      Given the above, it seems premature for the HLF to default to the use of
      SHA-3, which use is pervasive throughout the HLF codebase. I would suggest that
      all HLF components of the V1 architecture be immediately modified to default
      to the use of the recommended SHA-2 family of hash functions. I consider
      this a "bug" because it impacts interoperability, and it is important to
      correct the default behavior prior to the V1 code release.

              People

              • Assignee:
                Unassigned
                Reporter:
                bcbrock Bishop Brock
              • Votes:
                0
                Watchers:
                7
