Hello,

Indeed, SWHIDs rely internally on the SHA-1 algorithm. However, the hash is not computed over raw file contents alone. Instead, it is computed over a structured byte sequence that includes the object’s type and length, followed by its content. This domain separation significantly reduces the applicability of known SHA-1 collision attacks.

It is also important to note that SHA-1 is used here for identification, not for cryptographic security. The threat model for SWHIDs is content addressing and stable identification of source code artefacts, not adversarial collision resistance in a cryptographic sense.

That said, the SWHID specification explicitly includes a version component in the identifier scheme. This design choice allows for future evolution, including the introduction of stronger hash algorithms, while preserving backward compatibility. In that sense, algorithm agility was anticipated from the start, even if SHA-1 remains the current default.

Best regards.
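To make the framing described above concrete, here is an added example (not code from the SWHID specification or the swh.model library) that computes a version 1 content identifier the way the spec defines it: SHA-1 over the git-style header "blob <length>\0" followed by the bytes. It also shows that the same payload hashed raw, or framed as a different object type, yields a different digest, and it parses the "swh:<version>:<type>:<hash>" core identifier so that the version component can gate which hash algorithm a consumer accepts. The function names and the constructed sample inputs are this example's own.

```python
import hashlib
import re

# Core SWHID shape: swh:<version>:<type>:<40 hex chars>. Object types as in the spec.
# The regex is this example's own assumption about the v1 core-identifier syntax.
SWHID_RE = re.compile(
    r"^swh:(?P<version>\d+):(?P<type>cnt|dir|rev|rel|snp):(?P<hash>[0-9a-f]{40})$"
)

# Versions this consumer knows how to verify; a future version carrying another
# hash algorithm would be added here (hypothetical hook, not part of the spec).
SUPPORTED_VERSIONS = {1: "sha1_git"}


def git_object_hash(obj_type: str, payload: bytes) -> str:
    """SHA-1 over the git-style framed object: b"<type> <len>\\0" + payload.

    The type and length prefix is the domain separation the reply refers to:
    a blob and a tree with identical bytes never share a digest.
    """
    if obj_type not in ("blob", "tree", "commit", "tag"):
        raise ValueError(f"unknown git object type: {obj_type!r}")
    header = f"{obj_type} {len(payload)}".encode("ascii") + b"\x00"
    return hashlib.sha1(header + payload).hexdigest()


def content_swhid(data: bytes) -> str:
    """Version 1 content identifier: the git blob hash of the raw file bytes."""
    return f"swh:1:cnt:{git_object_hash('blob', data)}"


def framing_demo(data: bytes) -> dict:
    """Show that framing changes the digest: raw vs. blob-framed vs. tree-framed."""
    return {
        "raw_sha1": hashlib.sha1(data).hexdigest(),
        "blob": git_object_hash("blob", data),
        "tree": git_object_hash("tree", data),
    }


def parse_swhid(swhid: str) -> dict:
    """Split a core SWHID into its parts, rejecting versions this code cannot verify."""
    m = SWHID_RE.match(swhid)
    if m is None:
        raise ValueError(f"malformed SWHID: {swhid!r}")
    version = int(m.group("version"))
    if version not in SUPPORTED_VERSIONS:
        # Algorithm agility lives here: an unknown version is refused, not guessed.
        raise ValueError(f"unsupported SWHID version {version}")
    return {
        "version": version,
        "algorithm": SUPPORTED_VERSIONS[version],
        "type": m.group("type"),
        "hash": m.group("hash"),
    }


def is_supported_swhid(swhid: str) -> bool:
    """Boolean convenience wrapper around parse_swhid."""
    try:
        parse_swhid(swhid)
        return True
    except ValueError:
        return False


def verify_content(swhid: str, data: bytes) -> bool:
    """Recompute the identifier for `data` and compare it with the claimed one."""
    parts = parse_swhid(swhid)
    if parts["type"] != "cnt":
        raise ValueError("only content identifiers can be verified from file bytes")
    return parts["hash"] == git_object_hash("blob", data)


if __name__ == "__main__":
    # Constructed sample input; the empty file is a useful known-answer check.
    sample = b"hello\n"
    print(content_swhid(b""))
    print(content_swhid(sample))
    print(framing_demo(sample))
    print(verify_content(content_swhid(sample), sample))
    print(is_supported_swhid("swh:2:cnt:" + "0" * 40))
```

One caveat worth keeping in mind when reading the reply: the length prefix only separates objects of different types or sizes. Two equal-length colliding inputs of the same type receive an identical header, so the header alone does not neutralise a collision pair such as the SHAttered PDFs; git's own mitigation for that case is the collision-detecting SHA-1 variant it adopted after 2017, not the framing.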

On 2026.01.19 15:21, kpcyrd wrote:
Hello!

Today I learned that SWHID (also known as ISO/IEC 18670:2025) was published 1.0 in 2022 and ISO standardized in 2025, but uses the insecure[1][2] SHA-1 as core cryptographic primitive[3].

Does somebody know if there are any efforts to upgrade this to sha256, sha3-256, blake2b, blake3 or similar algorithms suitable for secure content-addressing?

thanks,
kpcyrd

[1]: https://shattered.io/ (Feb 23, 2017)
[2]: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-131a.pdf (SHA-1 deprecation notice from January 2011, pretty much exactly 15 years ago)
[3]: https://www.swhid.org/specification/v1.2/5.Core_identifiers/
