From 441449e240ffceef4322661ad936928d98e3f724 Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Tue, 6 Mar 2012 00:14:21 +0000 Subject: Switch to sha256 from sha1 in order to avoid future asset hash collisions. Some successful collision attacks have been carried out on sha1 with speculation that more are possible. http://en.wikipedia.org/wiki/Cryptographic_hash_function#Cryptographic_hash_algorithms No successful attacks have been shown on sha256, which makes it less likely that anybody will be able to engineer an asset hash collision in the future. Tradeoff is more storage required for hashes, and more cpu to hash, though this is neglible compared to db operations and network access. --- OpenSim/Data/MySQL/Resources/XAssetStore.migrations | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'OpenSim/Data/MySQL/Resources') diff --git a/OpenSim/Data/MySQL/Resources/XAssetStore.migrations b/OpenSim/Data/MySQL/Resources/XAssetStore.migrations index b89eab2..d3cca5e 100644 --- a/OpenSim/Data/MySQL/Resources/XAssetStore.migrations +++ b/OpenSim/Data/MySQL/Resources/XAssetStore.migrations @@ -5,7 +5,7 @@ BEGIN; CREATE TABLE `xassetsmeta` ( `id` char(36) NOT NULL, - `hash` char(64) NOT NULL, + `hash` binary(32) NOT NULL, `name` varchar(64) NOT NULL, `description` varchar(64) NOT NULL, `asset_type` tinyint(4) NOT NULL, @@ -19,7 +19,7 @@ CREATE TABLE `xassetsmeta` ( ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Version 1'; CREATE TABLE `xassetsdata` ( - `hash` char(64) NOT NULL, + `hash` binary(32) NOT NULL, `data` longblob NOT NULL, PRIMARY KEY (`hash`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Version 1'; -- cgit v1.1