undefined | Better HN

0 pointscloudhead2y ago0 comments

If you mean collision attacks, this shouldn't be a problem with Git, since it uses Hardened SHA-1. Eventually, when Git fully migrates to SHA-2, we will offer that option as well.

> Is Hardened SHA-1 vulnerable?

> No, SHA-1 hardened with counter-cryptanalysis (see ‘how do I detect the attack’) will detect cryptanalytic collision attacks. In that case it adjusts the SHA-1 computation to result in a safe hash. This means that it will compute the regular SHA-1 hash for files without a collision attack, but produce a special hash for files with a collision attack, where both files will have a different unpredictable hash.

From https://shattered.io/

0 comments

ianopolous2y ago

So you use hardened sha1 in radicle? It would be great to see this in the docs.

cloudheadOP2y ago

Everything that is replicated on the network is stored as a Git object, using the libgit2[0] library. This library uses hardened SHA-1 internally, which is called sha1dc (for "detect collision"). Will add to the docs, good idea!

[0]: https://github.com/libgit2/libgit2/blob/ac0f2245510f6c75db1b...