All geek questions in one place

Git planning to change their hash function?

Say, in the future, SHA1 will be hacked to such an extent that it is possible to create malicious commits for a given commit identifier. Do Git people have a contingency migration plan to change their hash function without requiring updating clients and repositories at the same time?

Does the current version of Git have any code to intelligently recognize different hashing algorithms and provide a good message to the user if it does not recognize it? Is the hashing algorithm stored anywhere in the repo? Will they add prefixes to hashes like $#$ in /etc/shadow to indicate a different hash algorithm?

+5
source share
1 answer

This happens quite often.

A recent stream shows that back in November 2014, this is a slightly interchangeable change:

Is there a plan to improve the best hash function in the future? (For example, if it becomes an urgent need.)

What are the barriers to accepting hash replacements? Just documenting this will go a long way to providing an opportunity for updates.

The biggest obstacle is the assumption that SHA-1 is everywhere in the source code (for example, it is assumed that the object name always takes 20 bytes). Brian began to clear it [1], but I think he stalled. Then we need to handle the update path for the SHA-1 repositories.

If and when the Git developers decide to move away from SHA-1, they will have some work to do. At the moment, there seems to be no clear plan, but there seem to be no important technical hurdles.

+7
source

Source: https://habr.com/ru/post/1210815/

More articles:


All Articles