From a2bf0ea1706f501b44b538b9a14270657a1b92de Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sun, 28 Aug 2016 23:15:37 -0400
Subject: Mention that blake2 is not vulnerable to length-extension attacks
 (#3118)

* Mention that blake2 is not vulnerable to length-extension attacks

* SHA is sort of like a word, in the sense that I want the spellcheck to shut up about it

* rephrase
---
 docs/hazmat/primitives/cryptographic-hashes.rst | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'docs/hazmat/primitives')

diff --git a/docs/hazmat/primitives/cryptographic-hashes.rst b/docs/hazmat/primitives/cryptographic-hashes.rst
index b0e9c16a..fd5f35d9 100644
--- a/docs/hazmat/primitives/cryptographic-hashes.rst
+++ b/docs/hazmat/primitives/cryptographic-hashes.rst
@@ -120,7 +120,9 @@ SHA-2 family
 BLAKE2
 ~~~~~~
 
-`BLAKE2`_ is a cryptographic hash function specified in :rfc:`7693`.
+`BLAKE2`_ is a cryptographic hash function specified in :rfc:`7693`. BLAKE2's
+design makes it immune to `length-extension attacks`_, an advantage over the
+SHA-family of hashes.
 
 .. note::
 
@@ -224,3 +226,4 @@ Interfaces
 
 .. _`Lifetimes of cryptographic hash functions`: http://valerieaurora.org/hash.html
 .. _`BLAKE2`: https://blake2.net
+.. _`length-extension attacks`: https://en.wikipedia.org/wiki/Length_extension_attack
-- 
cgit v1.2.3