SHA-1 and Git (was Re: [tahoe-dev] Tahoe-LAFS key management, part 2: Tahoe-LAFS is like encrypted git)

Perry E. Metzger perry at piermont.com
Wed Aug 19 17:28:37 EDT 2009


"James A. Donald" <jamesd at echeque.com> writes:
> Getting back towards topic, the hash function employed by Git is
> showing signs of bitrot, which, given people's desire to introduce
> malware backdoors and legal backdoors into Linux, could well become a
> problem in the very near future.

I believe attacks on Git's use of SHA-1 would require second pre-image
attacks, and I don't think anyone has demonstrated such a thing for
SHA-1 at this point. None the less, I agree that it would be better if
Git eventually used better hash functions. Attacks only get better with
time, and SHA-1 is certainly creaking.

Emphasis on "eventually", however. This is an "as soon as convenient, not
as soon as possible" sort of situation -- more like within a year than
within a week.

Yet another reason why you always should make the crypto algorithms you
use pluggable in any system -- you *will* have to replace them some day.

Perry
--
Perry E. Metzger		perry at piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
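
An added example, not part of the original message: one way to keep a Git-style content hash pluggable, so that object IDs can be verified under an old algorithm and re-issued under a new one. The "blob <size>\0" header is Git's object format; the "algorithm:digest" ID format, the registry and the function names are assumptions of this sketch, not Git's own transition scheme.

```python
import hashlib
import hmac

# Hash registry for this sketch; adding an algorithm is a one-line change.
ALGORITHMS = {"sha1": hashlib.sha1, "sha256": hashlib.sha256}
DEFAULT_ALGORITHM = "sha256"   # used for every newly issued ID
DEPRECATED = {"sha1"}          # still verifiable, never issued by default


def git_style_payload(obj_type: str, content: bytes) -> bytes:
    """Git hashes the header '<type> <size>' + NUL, followed by the content."""
    return f"{obj_type} {len(content)}".encode() + b"\x00" + content


def object_id(content: bytes, obj_type: str = "blob",
              algorithm: str = DEFAULT_ALGORITHM) -> str:
    """Return a self-describing ID of the form '<algorithm>:<hex digest>'."""
    if algorithm not in ALGORITHMS:
        raise ValueError(f"unsupported hash algorithm: {algorithm}")
    payload = git_style_payload(obj_type, content)
    return f"{algorithm}:{ALGORITHMS[algorithm](payload).hexdigest()}"


def verify(tagged_id: str, content: bytes, obj_type: str = "blob",
           allow_deprecated: bool = True) -> bool:
    """Check content against an ID, using the algorithm the ID itself names."""
    algorithm, sep, _ = tagged_id.partition(":")
    if not sep or algorithm not in ALGORITHMS:
        return False
    if algorithm in DEPRECATED and not allow_deprecated:
        return False
    expected = object_id(content, obj_type, algorithm)
    return hmac.compare_digest(expected, tagged_id)


def migrate(tagged_id: str, content: bytes, obj_type: str = "blob") -> str:
    """Verify under the old algorithm, then re-issue under the default one."""
    if not verify(tagged_id, content, obj_type):
        raise ValueError("content does not match its existing ID")
    return object_id(content, obj_type)


if __name__ == "__main__":
    old = object_id(b"hello\n", algorithm="sha1")  # constructed sample blob
    print(old, "->", migrate(old, b"hello\n"))
```

Because each ID names its own algorithm, old references stay checkable during a transition while allow_deprecated=False lets a deployment refuse them once migration is complete.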


