
A new hash algorithm for Git

Posted Feb 4, 2020 20:40 UTC (Tue) by tialaramex (subscriber, #21167)
In reply to: A new hash algorithm for Git by keeperofdakeys
Parent article: A new hash algorithm for Git

Basically, no.

A collision is not a second pre-image attack. The bad guys create two blobs which are the same size and have the same hash, but are different. They get to show you either blob and trick you by substituting the other one, which you'll believe is the same because it has the same SHA-1.

An attacker would need to target git specifically, yes, but it isn't particularly more difficult as a result of tracking size and type.


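Added example, not part of the LWN thread and not git's own code: it makes the distinction in the comment above concrete. `git_object_id` is git's real naming scheme (hash over `"<type> <size>\0"` plus content, for both SHA-1 and SHA-256). Everything else is a toy 32-bit Merkle-Damgård hash standing in for SHA-1, chosen only so that a brute-force birthday search finds a collision in about a second; real SHA-1 collisions come from cryptanalysis, not brute force, but the structural points are the same: the two blobs have equal length and therefore an identical git header, an attacker who wants to hit git simply includes that header in the prefix the search runs over, the colliding chaining state survives any common suffix, and a second preimage of an existing blob is a different and far more expensive problem. Constants, the header layout of the toy blobs, and the sample blob `b"real content"` are assumptions of this example.

```python
import hashlib
import random
from typing import Callable, Dict, Optional, Tuple

# 1. Git's real object naming: the hash covers "<type> <size>\0" + content.
def git_object_id(obj_type: str, data: bytes, algo: str = "sha1") -> str:
    header = f"{obj_type} {len(data)}\0".encode("ascii")
    return hashlib.new(algo, header + data).hexdigest()

# 2. A toy 32-bit Merkle-Damgard hash standing in for SHA-1 (NOT a real hash;
#    small enough that a brute-force birthday search collides in a second).
MASK = 0xFFFFFFFF
TOY_IV = 0x67452301          # arbitrary starting state (assumption of this toy)

def _toy_compress(state: int, block: bytes) -> int:
    """Absorb one 4-byte block: xorshift-multiply mix with a feed-forward."""
    s = (state ^ int.from_bytes(block, "big")) & MASK
    s = (s * 0x9E3779B1) & MASK
    s ^= s >> 15
    s = (s * 0x85EBCA6B) & MASK
    s ^= s >> 13
    return (s + state) & MASK

def toy_chain(data: bytes, state: int = TOY_IV) -> int:
    """Chaining state after block-aligned data, no padding: the internal
    state a collision attack actually targets."""
    if len(data) % 4:
        raise ValueError("toy_chain needs block-aligned input")
    for i in range(0, len(data), 4):
        state = _toy_compress(state, data[i:i + 4])
    return state

def toy_hash(data: bytes) -> int:
    """Finalised digest: MD strengthening (0x80, zero pad, 32-bit length)."""
    msg = data + b"\x80"
    msg += b"\x00" * ((-len(msg) - 4) % 4)
    msg += (len(data) & MASK).to_bytes(4, "big")
    return toy_chain(msg)

def toy_git_blob_id(data: bytes) -> int:
    """Toy analogue of a git blob id: header prepended exactly as git does."""
    return toy_hash(b"blob %d\x00" % len(data) + data)

# 3. Attacks against the toy hash.
def find_collision(hash_fn: Callable[[bytes], int], blob_len: int,
                   seed: int = 1) -> Tuple[bytes, bytes, int]:
    """Birthday search: random equal-length blobs until two hash alike.
    Returns (blob_a, blob_b, trials). Cost ~2^(n/2) for an n-bit state."""
    rng = random.Random(seed)
    seen: Dict[int, bytes] = {}
    trials = 0
    while True:
        blob = rng.getrandbits(8 * blob_len).to_bytes(blob_len, "big")
        trials += 1
        h = hash_fn(blob)
        other = seen.get(h)
        if other is not None and other != blob:
            return other, blob, trials
        seen[h] = blob

def find_second_preimage(hash_fn: Callable[[bytes], int], target: bytes,
                         blob_len: int, budget: int, seed: int = 2) -> Optional[bytes]:
    """Try `budget` random blobs for one matching hash_fn(target).
    Cost ~2^n, so a birthday-sized budget (almost surely) fails."""
    rng = random.Random(seed)
    want = hash_fn(target)
    for _ in range(budget):
        blob = rng.getrandbits(8 * blob_len).to_bytes(blob_len, "big")
        if blob != target and hash_fn(blob) == want:
            return blob
    return None

def run_demo(seed: int = 1) -> dict:
    header = b"blob 12\x00"   # 8 bytes = 2 toy blocks; blobs are 12 bytes = 3 blocks
    # (a) Attacker targets git: the search hashes header+blob, just as git will.
    a, b, trials = find_collision(lambda blob: toy_chain(header + blob), 12, seed)
    # (b) Same trial budget, but looking for a blob matching one FIXED existing
    #     blob (a second preimage), which is the attack people usually imagine.
    existing = b"real content"   # constructed 12-byte target blob
    sp = find_second_preimage(toy_git_blob_id, existing, 12, trials, seed + 1)
    # (c) A collision computed without git's header does not survive the header.
    c, d, _ = find_collision(toy_chain, 12, seed + 2)
    return {
        "trials": trials,
        "same_size": len(a) == len(b),
        "different_bytes": a != b,
        "targeted_ids_collide": toy_git_blob_id(a) == toy_git_blob_id(b),
        # Merkle-Damgard: colliding states stay equal under any common suffix.
        "suffix_survives": toy_hash(header + a + b"\nbackdoor")
                           == toy_hash(header + b + b"\nbackdoor"),
        "second_preimage_found": sp is not None,
        "untargeted_ids_collide": toy_git_blob_id(c) == toy_git_blob_id(d),
    }

if __name__ == "__main__":
    print(git_object_id("blob", b"hello\n"))             # matches `git hash-object`
    print(git_object_id("blob", b"hello\n", "sha256"))   # same scheme, new hash
    for k, v in run_demo().items():
        print(f"{k}: {v}")
```

The two searches in `run_demo` get the same number of trials: the birthday search succeeds, the second-preimage search comes back empty, which is the whole difference between "someone can make two colliding blobs" and "someone can forge a blob matching one already in your repository". Part (c) is why an attacker has to target git specifically, and (a) shows that doing so costs nothing extra once both blobs have the same size and type.
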
A new hash algorithm for Git

Posted Feb 5, 2020 15:44 UTC (Wed) by iabervon (subscriber, #722)

You can think of the collision attacks as a special kind of back door an attacker could try to add to your code: if their object passes code review and becomes relevant to the project, they can replace it with an entirely different object. Their object will contain a bunch of bytes that have no obvious purpose, which constitute the back door. The question is whether you review all bytes of all objects, rather than putting the file through a program that interprets and displays some bytes and ignores others.

Would your project notice unmotivated color table entries in an image and ask why it was done in such an unintuitive way? Would you go through the layout logic in a PDF, rather than just looking at it?


Copyright © 2025, Eklektix, Inc.