From: David Lang <dlang@digitalinsight.com>
To: "C. Scott Ananian" <cscott@cscott.net>
Cc: Petr Baudis <pasky@ucw.cz>,
omb@bluewin.ch, Ingo Molnar <mingo@elte.hu>,
git@vger.kernel.org
Subject: Re: Re: SHA1 hash safety
Date: Sat, 16 Apr 2005 15:56:20 -0700 (PDT) [thread overview]
Message-ID: <Pine.LNX.4.62.0504161549410.22652@qynat.qvtvafvgr.pbz> (raw)
In-Reply-To: <Pine.LNX.4.61.0504161114530.29343@cag.csail.mit.edu>
On Sat, 16 Apr 2005, C. Scott Ananian wrote:
> Date: Sat, 16 Apr 2005 11:36:28 -0400 (EDT)
> From: C. Scott Ananian <cscott@cscott.net>
> To: Petr Baudis <pasky@ucw.cz>
> Cc: omb@bluewin.ch, David Lang <david.lang@digitalinsight.com>,
> Ingo Molnar <mingo@elte.hu>, git@vger.kernel.org
> Subject: Re: Re: SHA1 hash safety
>
> On Sat, 16 Apr 2005, Petr Baudis wrote:
>
>>> I know the current state of the art here. It's going to take more than
>>> just hearsay to convince me that full 128-bit MD5 collisions are likely.
>>
>> http://cryptography.hyperlink.cz/MD5_collisions.html
>
> OK, OK, I spoke too sloppily. Let me rephrase:
> It's going to take more than just hearsay to convince me that full
> 128-bit MD5 collisions *IN ARBITRARILY CHOSEN DOCUMENTS* are likely.
>
> I could add, "WITHOUT SPECIAL EFFORT BY AN ATTACKER".
you are missing the point.
I'm not talking about takeing one document (sched.c) and finding a
replacement that can drop in without being noticed.
what I'm talking about is the chance that somewhere, sometime there will
be two different documents that end up with the same hash
what git is doing (in very crude sysadminish terms) is to take all the
files you care about, move them into a new directory where they are named
by their hash with a symlink that replaces the origional file (and then a
bunch of stuff to manage multiple versions of those symlinks)
if you are taking every file that you ever care about and loosing all
refrence to it except by it's hash then when you get a second file that
has the same hash you loose the contents of one of the two files (race
condition over which file gets written into the storage directory last)
anywhere else that hashing algorithms are used people realize that there
will be hash collisions and plan accordingly, however people tend to put
blinders on when you say SHA1 or MD5 and decide that somehow the same
thing cannot happen with these types of hashes.
they can, and eventually they will so you need to plan accordingly.
David Lang
--
There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.
-- C.A.R. Hoare
next prev parent reply other threads:[~2005-04-16 22:54 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-04-16 12:24 SHA1 hash safety David Lang
2005-04-16 12:31 ` Ingo Molnar
2005-04-16 12:48 ` David Lang
2005-04-16 13:29 ` Brian O'Mahoney
2005-04-16 14:58 ` C. Scott Ananian
2005-04-16 15:11 ` Petr Baudis
2005-04-16 15:36 ` C. Scott Ananian
2005-04-16 22:56 ` David Lang [this message]
2005-04-16 23:11 ` Paul Jackson
2005-04-16 23:18 ` Martin Mares
2005-04-17 4:38 ` David A. Wheeler
2005-04-18 0:09 ` Theodore Ts'o
2005-04-16 15:49 ` ross
2005-04-17 6:35 ` Horst von Brand
2005-04-18 2:07 ` Brian O'Mahoney
2005-04-18 16:50 ` C. Scott Ananian
2005-04-16 19:16 ` Paul Jackson
2005-04-16 21:35 ` Brian O'Mahoney
2005-04-18 7:43 ` Andy Isaacson
2005-04-18 17:04 ` C. Scott Ananian
2005-04-19 22:30 ` David Meybohm
2005-04-19 22:48 ` C. Scott Ananian
2005-04-20 18:56 ` David Meybohm
2005-04-16 22:46 ` David Lang
2005-04-16 23:14 ` Paul Jackson
2005-04-16 22:33 ` David Lang
2005-04-17 3:23 ` Tkil
2005-04-17 4:09 ` Paul Jackson
2005-04-17 4:43 ` Tkil
2005-04-17 5:09 ` Paul Jackson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Pine.LNX.4.62.0504161549410.22652@qynat.qvtvafvgr.pbz \
--to=dlang@digitalinsight.com \
--cc=cscott@cscott.net \
--cc=git@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=omb@bluewin.ch \
--cc=pasky@ucw.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).