From: Herczeg Zsolt <zsolt94@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: "Ævar Arnfjörð" <avarab@gmail.com>, Git <git@vger.kernel.org>,
"Theodore Ts'o" <tytso@mit.edu>
Subject: Re: Git and SHA-1 security (again)
Date: Mon, 18 Jul 2016 23:28:20 +0200
Message-ID: <CAPp-VrZoJ3JwUTZ9Bjv2NwLUE3ia9fNcanbujFB5P+Kw8hAzoQ@mail.gmail.com>
In-Reply-To: <xmqq7fciis45.fsf@gitster.mtv.corp.google.com>
>> The reality of the current situation is that it's largely mitigated in
>> practice because:
>>
>> a) it's hard to hand someone a crafted blob to begin with for reasons
>> that have nothing to do with SHA-1 (they'll go "wtf is this garbage?")
>>
>> b) even in that case it's *very* hard to come up with two colliding
>> blobs that are *useful* for some nefarious purpose, e.g. a program A
>> that looks normal being replaced by an evil program B with the same
>> SHA-1.
>
> Thanks. That's a nice rephrasing of
>
> http://public-inbox.org/git/Pine.LNX.4.58.0504291221250.18901%40ppc970.osdl.org/
>
> where Linus explains SHA-1 is not the security, and the real
> security is in distribution.
If the real security is in the distribution, then why does git support
signed commits and objects?
The security of the signatures does depend on the hash. Saying the hash
is not a security feature and offering GPG signing based on that hash
is a damn big lie. You can change the hash algorithm to a secure one,
or change the signing method to be independent of the hash algorithm,
or you can stop offering signatures at all, but something has to be
done here.
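Added example (not part of the thread, and not git's own code) showing why the signature depends on the hash: a git signature covers the commit object, which names its tree only by object id, and the tree names each blob only by object id. The objects below are laid out as git lays them out (the blob id matches `git hash-object`), but the hash is pluggable so the collision case can be demonstrated with a deliberately broken 16-bit toy hash, where a benign/evil blob pair with the same id is cheap to find. The signature is an HMAC stand-in for GPG (real commits carry a multi-line armored `gpgsig` header), and the scripts, author lines and key are constructed sample data.

```python
"""What a signature on a git commit actually covers (added example)."""
import hashlib
import hmac
import itertools

SHA1 = hashlib.sha1


class Weak16:
    """Toy hash: SHA-1 truncated to 16 bits, standing in for a hash whose
    collision resistance is gone. Same interface as hashlib objects."""
    def __init__(self, data=b""):
        self._d = hashlib.sha1(data).digest()[:2]

    def digest(self):
        return self._d

    def hexdigest(self):
        return self._d.hex()


def object_id(kind, body, hash_fn):
    """Git object id: hash over '<kind> <len>\\0' + body, as git hash-object."""
    return hash_fn(f"{kind} {len(body)}\0".encode() + body)


def tree_bytes(entries, hash_fn):
    """Tree object: '<mode> <name>\\0' + raw blob id, sorted by name.
    Flat trees only (git sorts subdirectories as name + '/')."""
    out = b""
    for mode, name, blob in sorted(entries, key=lambda e: e[1]):
        out += f"{mode} {name}\0".encode() + object_id("blob", blob, hash_fn).digest()
    return out


def commit_payload(tree_hex, message):
    """Unsigned commit object; author/committer are fixed sample values."""
    return (f"tree {tree_hex}\n"
            "author Alice <alice@example.org> 1468877300 +0200\n"
            "committer Alice <alice@example.org> 1468877300 +0200\n"
            f"\n{message}\n").encode()


def sign_commit(payload, key):
    """Insert a 'gpgsig' header as git does; the signed bytes are the commit
    with that header removed. HMAC-SHA256 is a stand-in for the GPG signature."""
    sig = hmac.new(key, payload, hashlib.sha256).hexdigest()
    headers, body = payload.split(b"\n\n", 1)
    return headers + b"\ngpgsig " + sig.encode() + b"\n\n" + body


def verify_commit(signed, key):
    """Return (tree_hex, signature_ok) after stripping the gpgsig header."""
    sig, kept = None, []
    for line in signed.split(b"\n"):
        if line.startswith(b"gpgsig "):
            sig = line[len(b"gpgsig "):].decode()
        else:
            kept.append(line)
    expected = hmac.new(key, b"\n".join(kept), hashlib.sha256).hexdigest()
    ok = sig is not None and hmac.compare_digest(sig, expected)
    return kept[0].split(b" ", 1)[1].decode(), ok


def accepts(signed, key, files, hash_fn):
    """Does the signed commit vouch for these file contents? True when the
    signature verifies and the files hash to the tree the commit names."""
    tree_hex, ok = verify_commit(signed, key)
    return ok and object_id("tree", tree_bytes(files, hash_fn), hash_fn).hexdigest() == tree_hex


def find_collision(hash_fn, benign, evil):
    """Birthday search: vary a trailing comment on each script until a benign
    and an evil blob share an object id. Returns (benign_blob, evil_blob).
    Feasible only for a broken hash; with SHA-1 this would not return."""
    benign_seen, evil_seen = {}, {}
    for i in itertools.count():
        b = benign + f"# build {i}\n".encode()
        e = evil + f"# build {i}\n".encode()
        hb = object_id("blob", b, hash_fn).hexdigest()
        he = object_id("blob", e, hash_fn).hexdigest()
        if hb == he:
            return b, e
        if he in benign_seen:
            return benign_seen[he], e
        if hb in evil_seen:
            return b, evil_seen[hb]
        benign_seen[hb], evil_seen[he] = b, e


BENIGN = b"#!/bin/sh\necho deploying\n"   # constructed sample scripts
EVIL = b"#!/bin/sh\necho pwned\n"
KEY = b"stand-in for the signer's private key"


def demo(hash_fn, good_blob, bad_blob):
    """Sign a commit over good_blob; report whether that signed commit accepts
    good_blob, and whether it also accepts bad_blob, under this hash."""
    files = [("100755", "deploy.sh", good_blob)]
    tree_hex = object_id("tree", tree_bytes(files, hash_fn), hash_fn).hexdigest()
    signed = sign_commit(commit_payload(tree_hex, "Add deploy script"), KEY)
    return (accepts(signed, KEY, files, hash_fn),
            accepts(signed, KEY, [("100755", "deploy.sh", bad_blob)], hash_fn))


if __name__ == "__main__":
    print("SHA-1 :", demo(SHA1, BENIGN, EVIL))        # (True, False)
    good, bad = find_collision(Weak16, BENIGN, EVIL)
    print("Weak16:", demo(Weak16, good, bad))          # (True, True)
```

With SHA-1 the evil script produces a different blob id, hence a different tree id, so the signed commit rejects it even though the signature itself still verifies. With the toy hash the colliding evil blob yields byte-identical tree and commit objects, so the very same signature vouches for both scripts: nothing in the signing step can tell them apart, which is the sense in which the signature is only as strong as the hash.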