author | Tim Ruffing <tim.ruffing@mmci.uni-saarland.de> | 2017-02-24 11:04:54 +0100 |
---|---|---|
committer | bitcoindev <bitcoindev@gnusha.org> | 2017-02-24 10:13:09 +0000 |
commit | fb3ca496fd3a7db5dd4dc16a9f8256d38db1352f (patch) | |
tree | 2e4fbb63bfa4f9a6d3051ff2f0c2f4403139e706 | |
parent | 8d538bdbe58954ea90f78603991bb4fb712b2b2b (diff) | |
download | pi-bitcoindev-fb3ca496fd3a7db5dd4dc16a9f8256d38db1352f.tar.gz pi-bitcoindev-fb3ca496fd3a7db5dd4dc16a9f8256d38db1352f.zip |
Re: [bitcoin-dev] SHA1 collisions make Git vulnerable to attacks by third-parties, not just repo maintainers
-rw-r--r-- | 84/26468f4d70e64b449a052d47695e1f22631318 | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/84/26468f4d70e64b449a052d47695e1f22631318 b/84/26468f4d70e64b449a052d47695e1f22631318 new file mode 100644 index 000000000..f61c5e904 --- /dev/null +++ b/84/26468f4d70e64b449a052d47695e1f22631318 
@@ -0,0 +1,90 @@ +Return-Path: <tim.ruffing@mmci.uni-saarland.de> +Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org + [172.17.192.35]) + by mail.linuxfoundation.org (Postfix) with ESMTPS id 332B3958 + for <bitcoin-dev@lists.linuxfoundation.org>; + Fri, 24 Feb 2017 10:13:09 +0000 (UTC) +X-Greylist: delayed 00:08:09 by SQLgrey-1.7.6 +Received: from hera.mpi-klsb.mpg.de (hera.mpi-klsb.mpg.de [139.19.1.49]) + by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 6C1DB144 + for <bitcoin-dev@lists.linuxfoundation.org>; + Fri, 24 Feb 2017 10:13:08 +0000 (UTC) +DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; + d=mmci.uni-saarland.de; s=mail200803; + h=Content-Transfer-Encoding:Mime-Version:Content-Type:References:In-Reply-To:Date:To:From:Subject:Message-ID; + bh=/UiT1MrDIAxpXMMuvE+HNArRFpwMYaM4ukh1cAbcpX4=; + b=h6lbJ9iOub4IM21lKHETwuprg/O7D06i5+kVUsTdC9ssbeIIvIzNqHmwV3iGCTBSzJgtkCn+2c2BkDeHcg0MmSxyW5B8qWB+tsxLbv9n+xeepAkhrvZn3uBa2KRNUL9XCLN878yczqPqy2KPoCqOoVh0qJBhX5IPWNxEHGamC3c=; +Received: from sam.mpi-klsb.mpg.de ([139.19.86.26]:56010) + by hera.mpi-klsb.mpg.de (envelope-from + <tim.ruffing@mmci.uni-saarland.de>) + with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) + (Exim 4.80) id 1chCkB-0007fR-9o + for bitcoin-dev@lists.linuxfoundation.org; + Fri, 24 Feb 2017 11:04:57 +0100 +Received: from mbpc48.cs.uni-saarland.de ([134.96.225.161]:59644) + by sam.mpi-klsb.mpg.de (envelope-from + <tim.ruffing@mmci.uni-saarland.de>) + with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) + (Exim 4.84_2) id 1chCkB-0005xp-41 + for bitcoin-dev@lists.linuxfoundation.org; + Fri, 24 Feb 2017 11:04:55 +0100 +Message-ID: <1487930694.1528.1.camel@mmci.uni-saarland.de> +From: Tim Ruffing <tim.ruffing@mmci.uni-saarland.de> +To: bitcoin-dev@lists.linuxfoundation.org +Date: Fri, 24 Feb 2017 11:04:54 +0100 +In-Reply-To: <76fa5d76-6c54-e13e-7b55-a4409ef536f5@gmail.com> +References: <20170223181409.GA6085@savin.petertodd.org> + 
<20170223212802.GA7608@savin.petertodd.org> + <76fa5d76-6c54-e13e-7b55-a4409ef536f5@gmail.com> +Content-Type: text/plain; charset="UTF-8" +X-Mailer: Evolution 3.22.5 +Mime-Version: 1.0 +Content-Transfer-Encoding: 8bit +X-MPI-Local-Sender: true +X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, + DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 +X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on + smtp1.linux-foundation.org +X-Mailman-Approved-At: Fri, 24 Feb 2017 13:45:40 +0000 +Subject: Re: [bitcoin-dev] SHA1 collisions make Git vulnerable to attakcs by + third-parties, not just repo maintainers +X-BeenThere: bitcoin-dev@lists.linuxfoundation.org +X-Mailman-Version: 2.1.12 +Precedence: list +List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> +List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> +List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> +List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> +List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> +List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> +X-List-Received-Date: Fri, 24 Feb 2017 10:13:09 -0000 + +On Fri, 2017-02-24 at 00:57 +0100, Aymeric Vitte via bitcoin-dev wrote: +> +> I have not worked on this since some time, so that's just thoughts, +> but maybe it can render things much more difficult +> than computing two files until the same hash is found +> + +You basically rely on the idea that specific collisions are more +difficult to find. This trick or similar tricks will not help. (And +actually, the more files you add to the hash, the more freedom you give +the attacker.) 
+ +Even if certain collisions are more difficult to find today (which is +certainly true), the general rule is that someone will prove you wrong +in a year. + +Even if ignore security entirely, switching to new hash function is +much simpler trying to fix the usage of a broken hash function. + +Relying on SHA1 is hopeless. We have to get rid of it. + +Best, +Tim + + + + |