| 1 |
On Tue, Jun 09, 2009 at 03:50:35AM +0200, Robert Buchholz wrote: |
| 2 |
> > I only stated that we need to offer GPG signing of commits. I did NOT |
| 3 |
> > specify the content of commits, other than noting that the commit |
| 4 |
> > message and the content needs to be signed together. |
| 5 |
> I don't think I understood what you meant to say, sorry. As I understand |
| 6 |
> the current proposal, it would be over the SHA-1 of the objects, the |
| 7 |
> parent and the commit message. |
| 8 |
That's what I'd like it to be over yes. |
| 9 |
|
| 10 |
> I have not seen any statements that would indicate they intended to |
| 11 |
> switch ever, do you have a reference? |
| 12 |
I'll dig around for it, it was just in reading the list directly. |
| 13 |
There is minimal value in switching to even SHA-512 right now for Git. |
| 14 |
The SHA-1 attacks have been extended to the entire SHA family. |
| 15 |
|
| 16 |
> I only found discussions as recent as April 2008. If it will be |
| 17 |
> possible to use one (at that time) stronger hash function, my argument |
| 18 |
> is defeated. I wanted to point out that right now they only support |
| 19 |
> one function that is increasingly weakened, and I have the feeling |
| 20 |
> upstream will only act once collisions become practical, which is |
| 21 |
> -IMHO- too late. |
| 22 |
We're at their mercy already. If you can attack SHA1 and choose the hash |
| 23 |
of your malicious content given the only restriction as the file size, |
| 24 |
you can insert a file anywhere in the repository already. |
| 25 |
|
| 26 |
All of the attacks thusfar have been chosen plaintext and preimage |
| 27 |
attacks. Current state of the art for SHA-1 is 2^52, as announced here: |
| 28 |
http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf |
| 29 |
(and I think SHA-512 is around 2^140, weaker than even bruteforce |
| 30 |
against SHA-1). |
| 31 |
|
| 32 |
I'd be far more concerned about a user introducing a chosen plaintext |
| 33 |
that he already has the attack against. |
| 34 |
|
| 35 |
-- |
| 36 |
Robin Hugh Johnson |
| 37 |
Gentoo Linux Developer & Infra Guy |
| 38 |
E-Mail : robbat2@g.o |
| 39 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |
Archives