
According to http://www.pcworld.com/article/3174676/security/sha-1-collision-can-break-svn-code-repositories.html and https://www.theregister.co.uk/2017/02/23/google_first_sha1_collision/ you could have two objects generating the same SHA-1 checksum. I am guessing this affects key generation as well.

Is there anything a project which is starting out and using git could do to make sure that it uses SHA-256 from the start instead of relying on SHA-1? If yes, how?

Comments, observations all welcome.

shirish
  • I don't see a need to change anything. In GIT, SHA is just for identifying different versions of a code, not security. The odds of a conflict, in the same branch, that would mess up a dependent commit, are so low they don't indicate any need whatsoever; it's never happened, and likely never will. Look at the sheer amount of effort to try to find one conflict on purpose! This is why MD5 still works for managing backups. If I use a mac as a boat anchor, I don't care about an OSX vulnerability. – dandavis Mar 09 '17 at 22:34
  • Do you mean use sha2 in git, or in your project? – Xiong Chiamiov Mar 10 '17 at 08:17
  • I would say both, but project is probably the first preference. – shirish Mar 10 '17 at 11:58
  • @XiongChiamiov ^ – shirish Mar 10 '17 at 14:38

2 Answers


The issue with SHA-1 is not an issue unless you are trying to generate two pieces of data whose SHA-1 collide. This is very different from generating one SHA-1 that collides with an existing SHA-1, which is what you would have to do to compromise sourceforge or github. This is a statistical difference that is best described with the birthday attack (https://en.wikipedia.org/wiki/Birthday_attack).

MikeSchem
  • thank you for attempting to answer and while I'll certainly look at the Birthday attack, I have tried to put the question where it's not so broad, sorry for not giving the accepted answer. – shirish Mar 10 '17 at 00:13
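As an added example (not part of MikeSchem's answer), here is the distinction between a collision and a second preimage in numbers: the birthday-bound formulas for an n-bit digest, plus a birthday search against SHA-1 truncated to 28 bits as a toy model. The truncation, the message strings and the query budgets are constructed for illustration only.

```python
import hashlib
import math

def birthday_collision_probability(bits: int, queries: int) -> float:
    """Chance that `queries` random n-bit digests contain at least one
    colliding pair (birthday bound, ~ 1 - exp(-q^2 / 2^(n+1)))."""
    return -math.expm1(-(queries * (queries - 1)) / (2.0 * 2.0 ** bits))

def second_preimage_probability(bits: int, queries: int) -> float:
    """Chance that `queries` random digests hit ONE fixed target digest,
    i.e. what an attacker needs to match an existing commit or blob hash."""
    # log1p/expm1 keep precision where 1 - 2**-160 would round to 1.0
    return -math.expm1(queries * math.log1p(-(2.0 ** -bits)))

def queries_for_collision(bits: int, p: float = 0.5) -> float:
    """Queries for a collision with probability p: sqrt(2^(n+1) * ln(1/(1-p)))."""
    return math.sqrt(2.0 ** (bits + 1) * math.log(1.0 / (1.0 - p)))

def truncated_sha1(data: bytes, bits: int) -> int:
    """Keep only the top `bits` of SHA-1 so a collision search is cheap (toy model)."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big") >> (160 - bits)

def find_collision(bits: int, budget: int):
    """Birthday search over constructed messages; returns (m1, m2, queries)
    or None if `budget` hashes did not produce a repeated digest."""
    seen = {}
    for i in range(budget):
        msg = b"constructed message %d" % i
        h = truncated_sha1(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    return None

def find_second_preimage(target: bytes, bits: int, budget: int):
    """Brute force for a different message with `target`'s digest; with the
    same budget as find_collision this almost never succeeds."""
    want = truncated_sha1(target, bits)
    for i in range(budget):
        msg = b"candidate %d" % i
        if msg != target and truncated_sha1(msg, bits) == want:
            return msg, i + 1
    return None

if __name__ == "__main__":
    q = 2 ** 80  # the SHA-1 birthday bound the linked articles refer to
    print(f"collision after 2^80 hashes: {birthday_collision_probability(160, q):.1%}")
    print(f"one fixed target after 2^80: {second_preimage_probability(160, q):.1e}")
    print(find_collision(28, 2 ** 17), find_second_preimage(b"original", 28, 2 ** 17))
```

With 2^17 toy queries the 28-bit birthday search finds a pair almost immediately, while the search for a second preimage of one fixed digest exhausts the same budget.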

In a new project, it's fairly easy to not use SHA-1: just don't use SHA-1. In most cases the library calls will be pretty explicit, but just make sure to read the documentation any time you're doing crypto work. Common places this comes up are password hashing (see how to store a password) and HMAC.

You've mentioned that you're also concerned about git. There is nothing you can do here, because git does not provide a pluggable or configurable hash algorithm. You should just continue to use git as normal and wait for the eventual migration in an update.

Xiong Chiamiov