Re: About git and the use of SHA-1

["Sverre Rabbelier" <alturin@gmail.com>]

On Tue, Apr 29, 2008 at 9:21 AM, Andreas Ericsson <ae@op5.se> wrote:
> Russ Dill wrote:
>  If the server is hacked and objects are replaced, they will either
>  no longer match their cryptographic signature, meaning they'll be
>  new objects or git will determine that they are corrupt, or they

We were assuming here that once SHA-1 is broken really determined
hackers will be able to come up with objects that -do- match the
SHA-1, so the above is not relevant.

>  *will* match an existing object, but then that object won't be
>  propagated to other repositories since git refuses to overwrite
>  already existing objects. [...]

What about new users cloning the repo? They're just out of luck? I
don't think this argument holds, if we want to 'advertise' that git is
cryptographically secure we can do so only as long as our hashing
algorithm is. (As such, should SHA-1 ever be fully broken we'd need to
either switch to another algorithm or stop advertising being
cryptographically secure.)

>  [...] Either way, gits refusal to overwrite
>  objects it already has plays a part in making malicious actions
>  futile, since malicious code is only worth something if it's
>  propagated and actually used.

Of course this is true, it makes it a lot harder to do damage, but it
doesn't eliminate the problem, it's just a free 'extra protection'.
Yes, malicious code is only worth something if it's propagated and
actually used, no, it is not impossible to do so in git if/when SHA-1
turns out to have collisions every other file.

-- 
Cheers,

Sverre Rabbelier