[Cryptography] Cryptogit

[Tony Arcieri]

On Mon, Nov 9, 2015 at 8:53 PM, Phillip Hallam-Baker <phill at hallambaker.com>
wrote:

> Anyhoo. Let us imagine for a moment that it is really easy to connect
> up to a git repo in the cloud. On your Google drive or your 1Tb
> OneDrive or whatever.
>
> Wouldn't it be really nice to be able to automatically encrypt the
> data you store in the remote .git repo?
>

There are many, many systems that aspire to this sort of thing. Some are
already git compatible. Others (that have more notable cryptographic
designs) can model git-like concepts, but are not yet git compatible (but
perhaps should be). Not naming names yet as I'm not a big fan of any of
these systems (at least in the git-compatible department), but they're
certainly out there and you can find them with a bit of Googling.


> It probably wouldn't be all that hard to arrange either.


I can assure you it's a difficult problem, especially if you want both 1)
robust, modern cryptography and 2) a system that's backwards compatible
with git

For starters, git's Merkelized DAG is based on SHA1 with no futureproofing
built into the protocol. To safely encrypt and authenticate it would
require a complete wrapper based on modern primitives.

There are some safety features around collisions built into git, but they
require collisions be spotted in the wild, when an attacker might e.g. be
trying to get code A through an approval workflow, only to swap out
approved code A prior to malicious code B prior to merging, and workflow
systems built around git might try to correlate everything based around
commit SHA1s.

-- 
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151109/9fd4f3fd/attachment.html>