"Geoffrey Irving" <irving@xxxxxxx> writes: > Here's the standard scenario for a hash collision attack, with > parties, A, B, and C: > > 1. C, the malicious one, computes the standard two pdfs with matching > sha1 hashes. > 2. C sends the valid pdf to B through a git commit, and B signs it with a tag. > 3. C grabs the signature, and then forwards the "signed" commit to A, > but substitutes the invalid pdf with the same hash. Just to add my 2 cents, examples of this are available on the web, like: http://th.informatik.uni-mannheim.de/People/Lucks/HashCollisions/ Same size, same hash. But that's with md5, not sha1. -- Matthieu -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
