Why does CertMagic use blake3 instead of sha256?

I notice that CertMagic uses Blake3 for the certCache.cache key. What’s the rationale for that? Why not use the tried and true sha256?

I’ve read that Bruce Schneier favors Blake2 over Sha1 and that it has some performance benefits, but I also know that the Go team isn’t particularly concerned or interested in Blake3, which seems a strong signal to me that its benefits don’t outweigh the cost to them of maintainership.

Is there really that much benefit to bring in a somewhat experimental hash algorithm as a dependency for a single call site?
(I imagine it may be used in other places in the broader codebase as well, but that’s all I’ve seen so far)

I doubt it does any harm other than the small risk of adding a supply chain attack vector (which seems very unlikely to be of consequence), but the dependencies for CertMagic are particularly well pared down, so I’m wondering what makes Blake3 so compelling for this use case?

P.S. I’m also curious to know why blake3 is using the cpuid dependency rather than the Go team’s avx2 / sse4 detection: Why use `klauspost/cpuid` rather than `x/sys/cpu` for avx2 and sse4 detection? · Issue #29 · zeebo/blake3 · GitHub

1 Like

Apologies in advance for anything stupid I say, I’m currently quite sick (strep?).

Blake3 is fast and has some nice properties over sha. I don’t recall all the reasons but I use Blake3 in other projects and it works well.

I’m also not sure that the Go packages for CPU features existed when the blake3 package was written. I’m mobile so I’m just guessing without looking at commits. You’d have to ask the blake3 authors.

Anyway, I don’t consider blake3 experimental. It’s a very nifty hash. The Go team was also interested in writing their own ACME package instead of using a certain very widely used, field-tested one, and I’m not sure they’re always keen to adopt lots of things into their standard or extended standard library.

Honestly all I can do is speculate the answers to most of your questions, though.

2 Likes

What about an option to select from BLAKE3, some of the SHA-2 family, and the newer SHA-3 family?

Also see Secure Hash Algorithms - Wikipedia for SHA families comparison.