I've tried to avoid innovating in the area of cryptography with
clearskies, focusing on trying to be the best at peer-to-peer sync
instead. (I'm also not a cryptographer, so I've tried to be as
conservative as possible in this area.)
> Since clearskies would have to hash huge amounts of data on mobile
> devices it might make sense to pick a more performant hash function.
The benchmark you linked, while impressive, doesn't show what
performance is like on 32-bit ARM processors, which is the only place
where the SHA256 computation is going to the bottleneck [1]. However,
most mobile devices have limited storage, so I don't think it will be a
practical issue.
The biggest exception is something like a raspberry pi, since they can
have terabytes of data attached. I have a similar device (a
sheevaplug), which can do sha256 at 28MB/s (according to `openssl speed
sha256`). That works out to ten hours per terabyte, but since
checksumming is a one-time thing, and the network syncing can start
before the checksumming has finished, I think that's OK.
> It's not too late into the project to consider such a change.
It's certainly not too late. I think we should keep the protocol in
draft status through the alpha period of the software, only locking it
down as we get to a "beta". That way we can see how things work in the
real world and make adjustments, including changing out the checksum
algorithm.
Also as the project gains momentum, I hope we can attract some
cryptographers who can help us make some informed improvements.
Steven
[1]: On a normal desktop, the disk is probably going to be the
bottleneck. My i7 can do 300MB/s on a single core. If there are
multiple files to checksum, more cores can be involved.