
Re: SHA1 collisions became cheaper to create.

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Wed, 15 May 2019 12:54:15 +0000

Paul Hammant wrote on Wed, 15 May 2019 12:39 +00:00:
> I'm suggesting phasing out SHA1, and during a v1.x to v1.x+1 upgrade
> do a migration script for all content to gain (say) BLAKE2 hashes
> *instead*, and for that install, clients with incompatible hashing
> are rejected.
>
> There are alternates too, where up to a moment in time a repo has
> SHA1s, and thence after has some other algo.

Hold your horses. *Why* are you proposing to phase out sha1?

For example, is it out of general concerns that a cheap preimage attack
will be discovered before long? Or do you see a specific way to use the
new attack against working copies or repositories? Or something else?

Once we've established that, we can discuss *what* to do... but you're
getting ahead of yourself by discussing *how* to phase off sha1 before
we understand *that* (arguendo) that's the right course of action.

Cheers,

Daniel
Received on 2019-05-15 14:54:26 CEST

This is an archived mail posted to the Subversion Dev mailing list.
