Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Brief historical context: the original Blake hash algorithm was a finalist in the SHA-3 competition. The second version, Blake2, has several variants, the most popular seem to be Blake2b and Blake2s, though there are a few others that are tuned and tweaked for different use cases. This brings us to Blake3, the third version of the hash algorithm which unifies the variants into a single interface along with further tuned security parameters for increased performance with negligible impact on security.
Blake3 is extremely versatile and offers interfaces to use it as a message digest (hash) function, pseudorandom function (PRF), a message authentication code (MAC), a key derivation function (KDF), and an extensible output function (XOF). It is also faster than MD5 and SHA-1 (and SHA-2 and SHA-3) while remaining secure which makes it handy for less security-intensive contexts, too, like file hashing.
While implementing a MessageDigestSpi is fairly straightforward, a MacSpi needs to be loaded from a signed jar which would complicate things a bit here. A generic commons API here might be easiest to deal with (previous idea of SHO API is a higher level feature).
Attachments
Issue Links
- links to