HEADS UP: FreeBSD src repo transitioning to git this weekend
    Warner Losh 
    imp at bsdimp.com
       
    Tue Dec 29 01:37:23 UTC 2020
    
    
  
On Mon, Dec 28, 2020, 6:19 PM John-Mark Gurney <jmg at funkthat.com> wrote:
> Steffen Nurpmeso wrote this message on Wed, Dec 23, 2020 at 17:24 +0100:
> >  |Then there's also the point that the repo is (looks like it) using
> >  |SHA-1 hashes, which are effectively broken, so depending upon them
> >  |to validate the tree is questionable anyways.
> >
> > git uses the hardened SHA-1 for sure, which is, as far as i know,
> > at least safe against the known attack.
> > I .. have not tracked this, but i think upgrading to SHA-256 is
> > possible, once this will become standard.  Just even more
> > metadata, then.  I have not looked into this, still in progress.
>
> A new attack came out earlier this year:
> https://eprint.iacr.org/2020/014.pdf
>
> From the paper:
> > In particular, chosen-prefix collisions can break signature schemes and
> > handshake security in secure channel protocols (TLS, SSH), if generated
> > extremely quickly.
>
> The previous attack in 2017 did not break SHA-1 enough to render it's
> use by git vulnerable, but the writing was on the wall for SHA-1...
>
> I believe this new attack makes git's use a SHA-1 vulnerable...
> The type/length prefix that prevented the previous attacks from
> working is not effective against the new attack...
>
> Also, the cost of the attack is not great ($45k), considering the recent
> SolarWinds supply chain attack, being able to smuggle a modified file
> into a git repo, say an OS's build server, such that the tools don't
> know the tree is modified is a real problem...
>
Yea. The git transition team knew about these issues (though the referenced
paper is new). Too bad git's SHA-256 stuff is too immature to use yet at
scale, coupled with requiring a super new git version to even test it out.
Plus, much of the greater git ecosystem simply doesn't support SHA-256 yet.
We should, as a project, continue to test how well it works and monitor the
ecosystem for a transition in a few years when it is robust...
Warner
-- 
>   John-Mark Gurney                              Voice: +1 415 225 5579
>
>      "All that I will do, has been done, All that I have, has not."
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"
>
    
    
More information about the freebsd-current
mailing list