Re: Migrating away from SHA-1?

[Joey Hess]

Theodore Ts'o wrote:
> OK, so how does this map to git?  First of all, from a collision
> perspective, the two blobs have to map into valid C code

Git provides other places to hide the colliding blobs; the best seems to
be as an added header in the commit object, or as trailing data after a \0
in the commit message. git is very good at hiding such potentially
colliding data from the user, as https://github.com/joeyh/supercollider
demonstrates.

commit 24f30db5790b209fa412ce81c5ef2bf8af5fd4d7
Author: Joey Hess <j...@kitenet.net>
Date:   Fri Sep 9 11:49:21 2011 -0400

    an innocent commit
    
    If this were a sha1 colliding attack, there would be some sort of binary
    garbage below. Which there isn't. So this can be safely merged.

joey@darkstar:~/tmp/supercollider>git cat-file -p 
24f30db5790b209fa412ce81c5ef2bf8af5fd4d7
tree 735a7633237c07b398856005de3bc9ea00446747
author Joey Hess <j...@kitenet.net> 1315583361 -0400
committer Joey Hess <j...@kitenet.net> 1315583361 -0400

an innocent commit

If this were a sha1 colliding attack, there would be some sort of binary
garbage below. Which there isn't. So this can be safely merged.



??b???[?i??ͯ?t?
2??????os?<????h?+,M?mY?e?EW?iv$???J??U}n~???L??????f???ě??3>?Q??H?޸*zl?RA˂q?E
?E7???\?m???U?>MU 
GY?d)?ȼ??'g?~D??ɯhQ????/"E??X?m???^͸??S?D??;w6(?`??>?縘?AѲ?*!??@v????>?8??2?!??=*?J
       

???
ynH???c?w?\??K7???N?6?????A5?FM?wZ?~?pKY?R???s7??(?ƶ?_"??m%????1a??ʀ??K[
t????!A0?ΈfT.?T?w?򁛵ƌ?р???aco?V/2??nَ?
?}?6?_?z?{


(The other possibility would be to hide the colliding blob in the tree
object, but that seems unlikely.)

-- 
see shy jo

signature.asc
Description: PGP signature