This is an automated email from the git hooks/post-receive script. civodul pushed a commit to branch master in repository guix-artwork.
The following commit(s) were added to refs/heads/master by this push: new e05a0e7 website: commit-authentication: Add section on SHA-1. e05a0e7 is described below commit e05a0e7559ed20966db9885f7f85fb7b6aa916db Author: Ludovic Courtès <l...@gnu.org> AuthorDate: Tue Jun 30 17:07:44 2020 +0200 website: commit-authentication: Add section on SHA-1. * website/drafts/commit-authentication.md (SHA-1): New section. --- website/drafts/commit-authentication.md | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/website/drafts/commit-authentication.md b/website/drafts/commit-authentication.md index 1abac17..3f3a681 100644 --- a/website/drafts/commit-authentication.md +++ b/website/drafts/commit-authentication.md @@ -339,7 +339,37 @@ documented in the manual](https://guix.gnu.org/manual/devel/en/html_node/Channels.html), and we’d love to get your feedback! -# SHA1 +# SHA-1 + +We can’t really discuss Git commit signing without mentioning +[SHA-1](https://en.wikipedia.org/wiki/SHA-1). The venerable +crytographic hash function is approaching end of life, as evidenced by +[recent](https://shattered.io/) +[breakthroughs](https://sha-mbles.github.io/). Signing a Git commit +essentially boils down to signing a SHA-1 hash, because all objects in +the Git store are identified by their SHA-1 hash. + +Git is now relies on a [collision attack detection +library](https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-stevens.pdf), +that appears to mitigate practical attacks. Furthermore, the Git +project is planning a [hash function +transition](https://git-scm.com/docs/hash-function-transition/) to +address the problem. + +Some projects such as Bitcoin Core choose to not rely on SHA-1 at all. +Instead, for the commits they sign, they include in the commit log the +SHA512 hash of the tree, which the [verification scripts +check](https://github.com/bitcoin/bitcoin/tree/master/contrib/verify-commits). + +Computing a tree hash _for each commit_ in Guix would probably be +prohibitively costly. For now, for lack of a better solution, we rely +on Git’s collision attack detection and look forward to a hash function +transition. + +As for SHA-1 in an OpenPGP context: our authentication code [rejects +SHA-1 OpenPGP signatures](https://issues.guix.gnu.org/41787), as +recommended. + # Related work # Future work