On Mon, Oct 15, 2012 at 6:42 PM, Elia Pinto <[email protected]> wrote:
> Very clear analysis. Well written. Perhaps is it the time to update
> http://git-scm.com/book/ch6-1.html (A SHORT NOTE ABOUT SHA-1) ?
>
> Hope useful
>
> http://www.schneier.com/crypto-gram-1210.html
This would be concerning if the Git security model would break down if
someone found a SHA1 collision, but it really wouldn't.
It's one thing to find *a* collision, it's quite another to:
1. Find a collision for the sha1 of harmless.c which I know you use,
and replace it with evil.c.
2. Somehow make evil.c compile so that it actually does something
useful and nefarious, and doesn't just make the C compiler puke.
If finding one arbitrary collision costs $43K in 2021 dollars
getting past this point is going to take quite a large multiple of
$43K.
3. Somehow inject the new evil object into your repository, or
convince you to re-clone it / clone it from somewhere you usually
wouldn't.
At some point in the early days of Git Linus went on a rant to this
effect either on this list or on the LKML.
Maybe it would be useful to include some of that instead?
It would be very interesting to see an analysis that deals with some
actual Git-related security scenarios, instead of something that just
assumes that if someone finds *any* SHA1 collision the sky is going to
fall.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
