Free software evangelist John Gilmore to Torvalds in 2005: SHA1 has been broken…
Linus Torvalds was warned more than ten years ago that the use of the SHA-1 hash to sign code in Linux and Git was insecure and advised to prepare for a shift to something more secure – but rejected the advice outright.
Free software evangelist John Gilmore warned Torvalds in 2005 that “SHA1 has been broken; it’s possible to generate two different blobs that hash to the same SHA1 hash”.
Gilmore wrote his warning to Torvalds in April 2005, when MD5 had already been cracked and SHA1 remained “hard to crack” – but still crackable.
“Since we don’t have a reliable long-term hash function today, you’ll have to change hash functions a few years out. Some foresight now will save much later pain in keeping big trees like the kernel secure. Either that, or you’ll want to re-examine Git’s security assumptions now: what are the implications if multiple different blobs can be intentionally generated that have the same hash?
“My initial guess is that changing hash functions will be easier than making Git work in the presence of unreliable hashing,” wrote Gilmore, who advised Torvalds to “make sure the code and the repositories are modular [so] they don’t care what hash function is in use”.
He continued: “Whether that means making a single Git repository able to use several hash functions, or merely making it possible to have one repository that uses SHA1 and another that uses some future ‘wonder hash’, is a system design decision for you and the Git contributors to make.
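The design Gilmore describes, a store that does not care which hash function is in use, can be sketched as follows. This is an added example, not Git's code and not from Gilmore's message: the `ObjectStore` class, the `algo:` id prefix and the deliberately weak `weak8` hash are assumptions made for illustration, and the colliding inputs are constructed.

```python
import hashlib

# Algorithm names and the "algo:" id prefix are assumptions of this sketch, not Git's format.
HASHES = {
    "sha1": lambda d: hashlib.sha1(d).hexdigest(),
    "sha256": lambda d: hashlib.sha256(d).hexdigest(),
    # Constructed 8-bit toy hash, so a collision can be shown in a few tries.
    "weak8": lambda d: hashlib.sha256(d).hexdigest()[:2],
}

class CollisionError(Exception):
    """Two different contents mapped to the same object id."""

def blob_id(content: bytes, algo: str) -> str:
    # Git-style framing "blob <length>\0<content>"; the id is tagged with its algorithm.
    framed = b"blob %d\x00" % len(content) + content
    return f"{algo}:{HASHES[algo](framed)}"

class ObjectStore:
    """Content-addressed store whose ids name their own hash function."""

    def __init__(self, default_algo="sha1"):
        self.default_algo = default_algo
        self.objects = {}

    def put(self, content: bytes, algo=None) -> str:
        oid = blob_id(content, algo or self.default_algo)
        existing = self.objects.setdefault(oid, content)
        if existing != content:
            # With an unreliable hash, one id would silently alias two blobs.
            raise CollisionError(oid)
        return oid

    def get(self, oid: str) -> bytes:
        content = self.objects[oid]
        # Re-hash on read with the algorithm named in the id.
        if blob_id(content, oid.split(":", 1)[0]) != oid:
            raise ValueError(f"object {oid} does not match its id")
        return content

def find_weak8_collision():
    """Return two different constructed inputs with the same weak8 id."""
    seen = {}
    for i in range(257):  # 256 possible ids, so 257 inputs must collide
        data = b"sample-%d" % i
        oid = blob_id(data, "weak8")
        if oid in seen:
            return seen[oid], data
        seen[oid] = data
```

Because the algorithm travels with the id, objects hashed with the old and the new function can sit in one store, and moving the default is a configuration change rather than a format change.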