HEADS UP: FreeBSD src repo transitioning to git this weekend
John-Mark Gurney
jmg at funkthat.com
Tue Dec 29 01:19:43 UTC 2020
Steffen Nurpmeso wrote this message on Wed, Dec 23, 2020 at 17:24 +0100:
> |Then there's also the point that the repo is (looks like it) using
> |SHA-1 hashes, which are effectively broken, so depending upon them
> |to validate the tree is questionable anyways.
>
> git uses the hardened SHA-1 for sure, which is, as far as i know,
> at least safe against the known attack.
> I .. have not tracked this, but i think upgrading to SHA-256 is
> possible, once this will become standard. Just even more
> metadata, then. I have not looked into this, still in progress.
A new attack came out earlier this year:
https://eprint.iacr.org/2020/014.pdf
>From the paper:
> In particular, chosen-prefix collisions can break signature schemes and
> handshake security in secure channel protocols (TLS, SSH), if generated
> extremely quickly.
The previous attack in 2017 did not break SHA-1 enough to render it's
use by git vulnerable, but the writing was on the wall for SHA-1...
I believe this new attack makes git's use a SHA-1 vulnerable...
The type/length prefix that prevented the previous attacks from
working is not effective against the new attack...
Also, the cost of the attack is not great ($45k), considering the recent
SolarWinds supply chain attack, being able to smuggle a modified file
into a git repo, say an OS's build server, such that the tools don't
know the tree is modified is a real problem...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-current
mailing list