On Fri, Oct 23, 2015 at 8:59 AM, Jan Danielsson <[email protected]> wrote:
> On 22/10/15 21:02, Stephan Beal wrote: > >> So it's quite possible to have fossil with crypto grade hashes for > >> artifacts > > > > But what does that solve? > > > > So far, nobody has been able to _demonstrate_ a maliciously faked > artifact. > > Until someone can, i'm not at all convinced that this is a real problem. > > I didn't really follow the previous thread very closely, but is the > argument that sha1 is secure enough in the specific context of fossil > because it's very difficult to generate colliding artifacts (because > randomly adding data to them will be interpreted as broken artifacts > which will be rejected)? > I think the argument can be summarized as follows: The sha1 hash is not being used as a cryptographically secure hash for absolutely secure identification and validation of artifacts. It is just a hash and any other hash could have been used, but sha1 was available and convenient so why reinvent the wheel. The effort required to find a collision and then update a repository with that collision and then convince people to use the "broken" repository is much higher than just finding a sha1 collision, which is already extremely high. Since sha1 was never intended (for the purposes of fossil) to provide cryptographic level security or peace of mind, the need to replace it with something better is moot. It's just a way of providing a high level of confidence that two normal artifacts won't collide, not a way of preventing malicious actors from deliberately creating collisions. > > _______________________________________________ > fossil-dev mailing list > [email protected] > http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/fossil-dev > -- Scott Robison
_______________________________________________ fossil-dev mailing list [email protected] http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/fossil-dev
