Migrating away from SHA-1?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "H. Peter Anvin" <hpa@zytor.com>
To: "git@vger.kernel.org" <git@vger.kernel.org>
Subject: Migrating away from SHA-1?
Date: Tue, 12 Apr 2016 15:38:04 -0700	[thread overview]
Message-ID: <570D78CC.9030807@zytor.com> (raw)

OK, I'm going to open this can of worms...

At what point do we migrate from SHA-1?  At this point the 
cryptoanalysis of SHA-1 is most likely a matter of time.

For existing repositories we will need to have a migration mechanism. 
Since we can't modify objects without completely invalidating the 
cryptographic properties, what I would suggest is that we leave the 
existing objects as is, with a persistent lookup table from SHA-1 to 
<new hash>, and have that lookup table signed (e.g. GPG) by the person 
responsible for converting the repository.  This freezes the 
cryptographic status of the existing SHA-1 objects at the time the 
conversion happens.  This is a very good reason to do this before SHA-1 
is actually broken  In contrast. SHA-2 has been surprisingly resistant 
to cryptoanalysis, to the point that SHA-3 was motivated by performance 
and the desire to have a well-tested function based on entirely 
different principles should a generic attack against the common 
structure of MD5/SHA-1/SHA-2 would ever be found.

	-hpa

next             reply	other threads:[~2016-04-12 22:38 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-04-12 22:38 H. Peter Anvin [this message]
2016-04-12 23:00 ` Migrating away from SHA-1? Stefan Beller
2016-04-12 23:06   ` H. Peter Anvin
2016-04-12 23:15   ` Jeff King
2016-04-12 23:15   ` David Turner
2016-04-12 23:44     ` Jeff King
2016-04-14  1:53     ` Theodore Ts'o
2016-04-14 16:47       ` Joey Hess
2016-04-14 17:23       ` David Turner
2016-04-14 17:28         ` H. Peter Anvin
2016-04-14 22:40           ` Theodore Ts'o
2016-04-15  2:13             ` Jeff King
2016-04-15  2:18               ` Junio C Hamano
2016-04-15  2:22                 ` Jeff King
2016-04-12 23:42 ` Jeff King
2016-04-13  1:03   ` Junio C Hamano
2016-04-13  1:36     ` Jeff King
2016-04-13  1:38     ` H. Peter Anvin
2016-04-13  1:51 ` Duy Nguyen
2016-04-13  1:58   ` H. Peter Anvin
2016-04-15  1:50     ` brian m. carlson
  -- strict thread matches above, loose matches on Subject: below --
2016-06-18  2:10 Leo Gaspard
2016-06-18  3:30 ` Eric Wong
2016-06-24 18:17 ` brian m. carlson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=570D78CC.9030807@zytor.com \
    --to=hpa@zytor.com \
    --cc=git@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.