Re: t2u in the archive
Simon Josefsson <simon@josefsson.org> writes:
> You can mitigate this by re-validating all commit hashes using a SHA1CD
> git implementation before trusting a git repository. I have not seen
> confirmation that 'git fsck' actually do that.
I convinced myself that it does. One of the things git fsck does is
recalculate the hash of every object in the repository and ensure that it
matches (this is, to a large extent, the entire point; the other checks
are sort of an addition), and since Git uses SHA1CD now, git fsck will
instantly detect this attack as soon as it does that.
I admittedly did not go so far as to track down test objects with the same
SHA-1 hash and construct an experiment. But I couldn't see any way where
git fsck could *not* detect this problem unless I'm wrong that it
recalculates all the hashes, and I'm fairly sure I'm not wrong about that.
> If some new attack implementation on SHA1 appears, that isn't detected
> by your SHA1CD variant, your validation can be by-passed.
This is true.
--
Russ Allbery (rra@debian.org) <https://www.eyrie.org/~eagle/>
Reply to: