| |||||||||||||
Security of a git treeSecurity of a git treePosted Mar 26, 2011 20:39 UTC (Sat) by smurf (subscriber, #17840)In reply to: Security of a git tree by foom Parent article: Arch Linux and (the lack of) package signing
SHA1 is broken WRT collisions, i.e. you can find (with a lot of effort) two "random" bytestrings which hash to the same SHA1.
That's not the same as finding a bytestring which hashes to a given SHA1, which is still easier than to find a bytestring with, together with a given ASCII pre- and postamble, will match that given SHA1.
I don't think there's a feasible attack for the latter. But as SHA1 is considered "broken enough" that it should be phased out, AFAIK current efforts on one-way hashes are more focused on trying to break the several candidates for SHA's replacement, than to break SHA1 'even more'.
(Log in to post comments)
Security of a git tree Posted Mar 28, 2011 11:01 UTC (Mon) by nye (guest, #51576) [Link]
>SHA1 is broken WRT collisions, i.e. you can find (with a lot of effort) two "random" bytestrings which hash to the same SHA1.
In principle yes, but nobody's ever actually done it with full SHA1 - until it gets a bit more broken than it currently is, going beyond proof-of-concept attacks on much reduced versions of SHA1 would still require more computing power than is currently feasible.
>But as SHA1 is considered "broken enough" that it should be phased out
True, it would be a bad choice for something new, but things aren't so terribly bad for SHA-1 yet - hell, there aren't even any pre-image attacks for *MD5* yet AFAIK and that's been considered utterly broken for *years*.
|
|||||||||||||