|
|
Subscribe / Log in / New account

Moving Git past SHA-1

Moving Git past SHA-1

Posted Feb 28, 2017 19:29 UTC (Tue) by Otus (subscriber, #67685)
In reply to: Moving Git past SHA-1 by farnz
Parent article: Moving Git past SHA-1

> The issue is that weaknesses have been found in SHA-1 that reduce the complexity dramatically - from "not before heat death of the universe" to "can be done for under $1,000,000 in computer time".

SHA-1 was never at the "heat death of the universe" level. 160-bits mean a maximum collision resistance against brute force of 2^80, which is more like "current world computing power for a year". Give or take an order of magnitude.

> So far, no similar design flaw has been found in SHA-2 or SHA-3. However, no such design flaw was known when SHA-1 was standardised, either.

It took ten years to have theoretical attacks on full SHA-1. SHA-2 has stood for over fifteen, still has a clear margin between rounds broken and total rounds, not to mention would need much more than the 2^16x speedup that was found for SHA-1 to be attacked in practice.

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds