W dniu 23.02.2017 o 18:12, David Lang pisze: > On Thu, 23 Feb 2017, Junio C Hamano wrote: > >> On Thu, Feb 23, 2017 at 8:43 AM, Joey Hess <id@xxxxxxxxxx> wrote: >>> >>> Since we now have collisions in valid PDF files, collisions in >>> valid git commit and tree objects are probably able to be >>> constructed. >> >> That may be true, but >> https://public-inbox.org/git/Pine.LNX.4.58.0504291221250.18901@xxxxxxxxxxxxxxx/ >> > > it doesn't help that the Google page on this explicitly says that > this shows that it's possible to create two different git repos that > have the same hash but different contents. > > https://shattered.it/ > > How is GIT affected? GIT strongly relies on SHA-1 for the > identification and integrity checking of all file objects and > commits. It is essentially possible to create two GIT repositories > with the same head commit hash and different contents, say a benign > source code and a backdoored one. An attacker could potentially > selectively serve either repository to targeted users. This will > require attackers to compute their own collision. The attack on SHA-1 presented there is "identical-prefix" collision, which is less powerful than "chosen-prefix" collision. It is the latter that is required to defeat SHA-1 used in object identity. Objects in Git _must_ begin with given prefix; the use of zlib compression adds to the difficulty. 'Forged' Git object would simply not validate... https://arstechnica.com/security/2017/02/at-deaths-door-for-years-widely-used-sha1-function-is-now-dead/