Sam Trenholme's webpage
Support this website or listen to my music

Why is Git still using SHA-1


October 4 2012

Back in 2008, Dancho Danchev praised MaraDNS, my DNS implementation, for being secure. At the time, there was a nasty attack against DNS implementations making the rounds. MaraDNS was immune because, back in 2001, I listened to what DJB had to say.

DJB has just posted the following on the SHA-3 mailing list:

the details of the original MD5 collision attack turned out to be a terrifying indictment of the structure of MD5, and the details of the SHA-1 attack are similarly scary

An anonymous poster on Slashdot posted back in 2009 a plausible attack scenario with Git using collisions in SHA-1. There was also some mumbling in the blogosphere back then for GIT to update its underlying cryptographic primitive.

The bottom line is this: It is high time for Git to move on beyond SHA-1. Ideally, Git should store hashes in an "algorithm:hash" format, and support all four variants of both SHA-2 and now SHA-3.

The above picture contains an image from the Star Trek: The Next Generation episode "Ménage à Troi", copyright 1990 CBS Studios. I believe this use of the image qualifies as fair use, since it is only a very low-resolution single frame, and its use does not harm (indeed it may even help) the market for the original work.

In order to reduce spam, comments for this entry are now closed

Previous entry Next entry Blog index