On Sat, Jul 16, 2016 at 3:48 PM, Herczeg Zsolt <zsolt94@xxxxxxxxx> wrote:
> I would like to discuss an old topic from 2006. I understand it was
> already discussed. The only reason I'm sending this e-mail is to talk
> about a possible solution which didn't show up on this list before.

You mention the 2006 discussion, but I wonder if you've read the more
recent discussion from April on the subject.

> I think we all understand that SHA-1 is broken. It still works perfectly
> as a storage key, but it's not cryptographically secure anymore. Git
> is not moving away from SHA-1 because it would break too many
> projects, and cryptographic security is not needed by git if you have
> your own repository.
>
> However I would like to show some big problems caused by SHA-1:
> - Git signed tags and signed commits are cryptographically insecure,
> they're useless at the moment.
> - Git Torrent (https://github.com/cjb/GitTorrent) is also
> cryptographically broken, however it would be an awesome experiment.
> - Linus said: "You only need to know the SHA-1 of the top of your
> tree, and if you know that, you can trust your tree." That's not true
> anymore. You have to trust your computer, your servers, your git
> provider in a way that no-one can maliciously modify your data.

In particular, as far as I know and as Theodore Ts'o's post describes
better than I could[1], you seem to be confusing preimage attacks with
collision attacks, and then concluding that because SHA1 is vulnerable
to collision attacks that use-cases that would need a preimage attack
to be compromised (which as far as I can tell, includes all your
examples) are also "broken".

1. http://thread.gmane.org/gmane.comp.version-control.git/291305/focus=291511
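
The collision-versus-preimage distinction drawn in the reply above, as an added example that is not part of the original message or of Git's code. It computes blob ids the way Git does, then truncates them to 16 bits (an assumption, so both searches finish in seconds) and counts the tries each search needs; the function names and sample strings are constructed for illustration.

```python
import hashlib
from itertools import count

BITS = 16  # assumption: toy truncation so both searches finish in seconds


def git_blob_id(content: bytes) -> str:
    """Object id Git assigns to a blob: SHA-1 over 'blob <size>\\0' + content."""
    return hashlib.sha1(b"blob %d\x00" % len(content) + content).hexdigest()


def short_id(content: bytes) -> int:
    """Top BITS bits of the blob id (constructed weak hash, not used by Git)."""
    return int(git_blob_id(content), 16) >> (160 - BITS)


def find_collision(prefix: bytes):
    """Collision: the searcher picks BOTH inputs. Birthday bound, ~2**(BITS/2) tries."""
    seen = {}
    for tries in count(1):
        msg = prefix + b"%d" % tries
        h = short_id(msg)
        if h in seen:  # two different inputs, same truncated id
            return seen[h], msg, tries
        seen[h] = msg


def find_second_preimage(target: bytes, prefix: bytes, budget: int = 5_000_000):
    """Second preimage: the target was fixed by someone else. ~2**BITS tries."""
    want = short_id(target)
    for tries in range(1, budget + 1):
        msg = prefix + b"%d" % tries
        if msg != target and short_id(msg) == want:
            return msg, tries
    return None, budget  # budget exhausted without a match


if __name__ == "__main__":
    a, b, n = find_collision(b"constructed sample ")
    print(f"collision after {n} tries: {a!r} / {b!r}")
    target = b"constructed file someone else already signed\n"
    m, n = find_second_preimage(target, b"constructed forgery ")
    print(f"second preimage after {n} tries: {m!r}")
```

At full SHA-1 width the same gap is roughly 2^80 generic work for a collision against 2^160 for a preimage, which is why a weakness in the first does not by itself carry over to the second.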