<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">There are algorithms suitable for detecting or correcting flipped bits, like CRC32 or even fletcher4 that ZFS uses for checksums.<div class="">Those are _NOT_ suitable for comparing data, think of them more like parity, and you WILL have false matches with them even without having lots of data as they are not collision resistant at all.</div><div class="">Then there are collision resistant algorithms as already outlined below.</div><div class=""><br class=""></div><div class="">I chose SHA512 because it’s only 20% slower than SHA1 and only about 5% slower than MD5, and in any case unlikely to cause a bottleneck when resyncing or even reading data most of the time.</div><div class=""><br class=""></div><div class="">Jan<br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 31 Aug 2017, at 10:12, 大川敬臣 <<a href="mailto:yoshiomi-okawa@kccs.co.jp" class="">yoshiomi-okawa@kccs.co.jp</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div class="">Thank you all .</div><div class=""><br class=""></div><div class="">I will discuss with my team and decide it.</div><div class="">Your advice helped me!!</div><div class=""><br class=""></div><div class="">Thanks,</div></div><div class="gmail_extra"><br class=""><div class="gmail_quote">2017-08-30 10:20 GMT+09:00 Robert Altnoeder <span dir="ltr" class=""><<a href="mailto:robert.altnoeder@linbit.com" target="_blank" class="">robert.altnoeder@linbit.com</a>></span>:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 2017/08/29 6:28 AM, Digimer wrote:<br class="">
> On 2017-08-28 09:28 PM, 大川敬臣 wrote:<br class=""></span><span class="">
>> I want to enable checksum-based synchronization by adding "csums-alg<br class="">
>> <algorithm>" to drbd.conf.<br class=""></span>
>> [...]<span class=""><br class="">
>> The algorithms (sha1, md5, crs32) are king of old ones. Can I use sha256?<br class="">
>> Is there some reason that sha256 is not used?<br class="">
>><br class="">
<br class=""></span><span class="">
> So the real question is; How concerned are you that a) two<br class="">
> blocks don't match and b) those differences are just perfectly different<br class="">
> to cause a hash collision/false match?<br class="">
<br class=""></span>
Exactly. B) is very unlikely to be caused coincidentally, it's not even<br class="">
easy to create a hash collision intentionally, since hashing algorithms<br class="">
are specifically designed to make such collisions unlikely.<span class=""><br class="">
<br class="">
> The stronger the algorithm, the more load it will place on the system. I<br class="">
> would stick with something fast, maybe md5 at the most.<br class="">
<br class=""></span>
In general, yes, but not necessarily. SHA1 is typically only slightly<br class="">
slower than MD5, but much safer.<br class="">
With SHA2, SHA512 is actually significantly faster than SHA256 on 64 bit<br class="">
architectures.<br class="">
SHA224 is basically SHA256 with truncated output, and SHA384 is<br class="">
basically SHA512 with truncated output, so those will not improve<br class="">
performance over the version with full output length.<br class="">
<br class="">
Very recent CPUs come with Intel's SSE SHA Instructions, those support<br class="">
SHA1 and SHA256, and using a special processor instruction will<br class="">
typically be faster than running most algorithms in software - so<br class="">
CPU-supported SHA256 may be faster than software-supported MD5.<br class="">
However, I doubt that there is already support for these instructions in<br class="">
the software or the compilers, because the instructions have only<br class="">
recently made it into Intel and AMD processors (the specification itself<br class="">
however is from 2013).<br class="">
<br class="">
Enough theory though, in my opinion, for just creating checksums, it<br class="">
does not really matter a lot which algorithm you use.<br class="">
Personally, I'd probably choose SHA1.<br class="">
<br class="">
Cheers,<br class="">
Robert<div class="HOEnZb"><div class="h5"><br class="">
<br class="">
______________________________<wbr class="">_________________<br class="">
drbd-user mailing list<br class="">
<a href="mailto:drbd-user@lists.linbit.com" target="_blank" class="">drbd-user@lists.linbit.com</a><br class="">
<a href="http://lists.linbit.com/mailman/listinfo/drbd-user" rel="noreferrer" target="_blank" class="">http://lists.linbit.com/mailma<wbr class="">n/listinfo/drbd-user</a><br class="">
</div></div></blockquote></div><br class=""></div>
_______________________________________________<br class="">drbd-user mailing list<br class=""><a href="mailto:drbd-user@lists.linbit.com" class="">drbd-user@lists.linbit.com</a><br class="">http://lists.linbit.com/mailman/listinfo/drbd-user<br class=""></div></blockquote></div><br class=""></div></body></html>