Git and the new SHA-1 prefix collision attack

Git and the new SHA-1 prefix collision attack

[Ævar Arnfjörð Bjarmason]

[CC-list carried forward from the last SHA-1 thread I found]

Thought I'd sent a brief line about this since nobody else did.

There's a newly published "From Collisions to Chosen-Prefix Collisions
Application to Full SHA-1" paper making the news this week which builds
on the SHAttered attack: https://eprint.iacr.org/2019/459.pdf

See https://shattered.io for that original attack.

I asked Marc Stevens on Twitter whether the sha1collisiondetection
library would cover the sorts of collisions generated by the method
described in this paper. He said yes:
https://twitter.com/realhashbreaker/status/1128419029536923649

Not all the details are out on this new attack, in particular the
researchers (CC'd) haven't yet published details[1] on improvements that
would make such an attack cheaper to carry out than the current
state-of-the art, which I understand from Marc's Twitter feed is
something he's skeptical about.

In any case, it looks like the sha1collisiondetection library will save
the day again. Thanks Marc & Dan!

1. https://www.zdnet.com/article/sha-1-collision-attacks-are-now-actually-practical-and-a-looming-danger/