Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This makes me wonder how much security suffers if you split a file in N smaller files, compute a hash for each of them, then hash the concatenation of the hashes.


BLAKE3 and other parallelizable hashes do exactly this, but using a somewhat more complex algorithm, which ensures that the result is a secure hash.

Such an algorithm has been first published by Ralph Merkle, in 1979, but it has been improved later:

https://en.wikipedia.org/wiki/Merkle_tree

For security, it is necessary to use different hash functions at different levels in the hash tree, but this is trivially achieved by using the same hash function, but also hashing some extra distinguishing data besides the hashes from the previous level.


It's "easy" to do it right but also very common to do it wrong: https://jacko.io/tree_hashing.html




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: