Free software evangelist John Gilmore to Torvalds in 2005: SHA1 has been broken…,Software,Security,Open Source,Operating Systems ,Cloud,open source,Linus Torvalds,git,Github,SHA1,hash,John Gilmore,hashing,SHA-1,md5,Linux
Linus Torvalds was warned more than ten years ago that the use of the SHA-1 hash to sign code in Linux and Git was insecure and advised to prepare for a shift to something more secure – but rejected the advise outright.
Free software evangelist John Gilmore warned Torvalds in 2005 that » SHA1 has been broken; it’s possible to generate two different blobs that hash to the same SHA1 hash « .
Gilmore was wrote his warning to Torvalds in April 2005, when MD5 had already been cracked and SHA1 remained « hard to crack » – but still crackable.
« Since we don’t have a reliable long-term hash function today, you’ll have to change hash functions a few years out. Some foresight now will save much later pain in keeping big trees like the kernel secure. Either that, or you’ll want to re-examine Git’s security assumptions now: what are the implications if multiple different blobs can be intentionally generated that have the same hash?
« My initial guess is that changing has functions will be easier than making Git work in the presence of unreliable hashing, » wrote Gilmore, who advised Torvalds to « make sure the code and the repositories are modular [so] they don’t care what hash function is in use ».
He continued: « Whether that means making a single Git repository able to use several hash functions, or merely making it possible to have one repository that uses SHA1 and another that uses some future ‘wonder hash’, is a system design decision for you and the Git contributors to make.
