undefined | Better HN

0 pointsavar11y ago0 comments

"Quite". Let's look at the potential attack. You're running a backup system with user-supplied data, fair enough, and one of your users has:

    1) Access to an existing object, or its checksum.

    2) Can write a *new* object where they intentionally
       produce a collision with an existing object.

There's a trivial way to get around this attack in practice, which is that you just lazily write objects and don't re-write an object that exists already. This is what Git does with the objects it writes, which insulates it more from future SHA-1 collision attacks than just the security you'd get from SHA-1 itself.

This means that you've changed an attack where someone can maliciously clobber an existing object to an edge case where their object just won't get backed up.

0 comments

1 comments · 1 top-level

detaro11y ago

Assuming of course that the object they want to clobber is either already backed up or processed before the malicious object. They can still attack a new object.

j / k navigate · click thread line to collapse