<div dir="ltr"><div>Thank you all .</div><div><br></div><div>I will discuss with my team and decide it.</div><div>Your advice helped me!!</div><div><br></div><div>Thanks,</div></div><div class="gmail_extra"><br><div class="gmail_quote">2017-08-30 10:20 GMT+09:00 Robert Altnoeder <span dir="ltr"><<a href="mailto:robert.altnoeder@linbit.com" target="_blank">robert.altnoeder@linbit.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 2017/08/29 6:28 AM, Digimer wrote:<br>
> On 2017-08-28 09:28 PM, 大川敬臣 wrote:<br></span><span class="">
>> I want to enable checksum-based synchronization by adding "csums-alg<br>
>> <algorithm>" to drbd.conf.<br></span>
>> [...]<span class=""><br>
>> The algorithms (sha1, md5, crs32) are king of old ones. Can I use sha256?<br>
>> Is there some reason that sha256 is not used?<br>
>><br>
<br></span><span class="">
> So the real question is; How concerned are you that a) two<br>
> blocks don't match and b) those differences are just perfectly different<br>
> to cause a hash collision/false match?<br>
<br></span>
Exactly. B) is very unlikely to be caused coincidentally, it's not even<br>
easy to create a hash collision intentionally, since hashing algorithms<br>
are specifically designed to make such collisions unlikely.<span class=""><br>
<br>
> The stronger the algorithm, the more load it will place on the system. I<br>
> would stick with something fast, maybe md5 at the most.<br>
<br></span>
In general, yes, but not necessarily. SHA1 is typically only slightly<br>
slower than MD5, but much safer.<br>
With SHA2, SHA512 is actually significantly faster than SHA256 on 64 bit<br>
architectures.<br>
SHA224 is basically SHA256 with truncated output, and SHA384 is<br>
basically SHA512 with truncated output, so those will not improve<br>
performance over the version with full output length.<br>
<br>
Very recent CPUs come with Intel's SSE SHA Instructions, those support<br>
SHA1 and SHA256, and using a special processor instruction will<br>
typically be faster than running most algorithms in software - so<br>
CPU-supported SHA256 may be faster than software-supported MD5.<br>
However, I doubt that there is already support for these instructions in<br>
the software or the compilers, because the instructions have only<br>
recently made it into Intel and AMD processors (the specification itself<br>
however is from 2013).<br>
<br>
Enough theory though, in my opinion, for just creating checksums, it<br>
does not really matter a lot which algorithm you use.<br>
Personally, I'd probably choose SHA1.<br>
<br>
Cheers,<br>
Robert<div class="HOEnZb"><div class="h5"><br>
<br>
______________________________<wbr>_________________<br>
drbd-user mailing list<br>
<a href="mailto:drbd-user@lists.linbit.com" target="_blank">drbd-user@lists.linbit.com</a><br>
<a href="http://lists.linbit.com/mailman/listinfo/drbd-user" rel="noreferrer" target="_blank">http://lists.linbit.com/mailma<wbr>n/listinfo/drbd-user</a><br>
</div></div></blockquote></div><br></div>