
You're a moron, Torvalds, not a cryptographer - nkurz
http://blog.sn4t14.com/post/5/2016-03-08/You%27re-a-moron,-Torvalds,-not-a-cryptographer
======
Arnt
Linus also wrote that "SHA-1, as far as Git is concerned, isn't even a
security feature. It's purely a consistency check. The security parts are
elsewhere, so a lot of people assume that since Git uses SHA-1 and SHA-1 is
used for cryptographically secure stuff, they think that, OK, it's a huge
security feature. It has nothing at all to do with security, it's just the
best hash you can get."

(It's not security because it's stored together with the data. An attacker who
can corrupt a particular patch has enough access to corrupt the rest of the
same file. It's not meant to defend against an attacker, merely to detect
accidental corruption.)

~~~
samuellb
That's true, but the format of signed tags will need to change in one way or
another. What we could do is to have a "shadow" tree which is built using a
stronger hash algorithm (e.g. SHA256), and which is used for signing history.
The shadow tree would be identical to the real tree except for the hashes and
references to hashes.
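
The two points above, Arnt's (the object id is a consistency check stored next to the data) and samuellb's (a shadow tree that is identical except for the hash algorithm), as a runnable illustration. This is example code added to the thread, not git's own code and not from any commenter: it reproduces git's object-id construction for blobs and flat trees, and the file names, contents, `build_tree` and `blob_matches` helpers are constructed for the example. Real git trees also contain subdirectories and a special sort rule for them, which this skips.

```python
import hashlib


def git_object_id(kind: str, payload: bytes, algo: str = "sha1") -> str:
    """Git's object id: hash of the header "<type> <payload-length>\\0"
    followed by the payload. The algorithm is a parameter so the same
    layout can be hashed with SHA-1 (what git stores) or SHA-256."""
    header = f"{kind} {len(payload)}".encode() + b"\0"
    return hashlib.new(algo, header + payload).hexdigest()


def blob_id(data: bytes, algo: str = "sha1") -> str:
    return git_object_id("blob", data, algo)


def tree_id(entries, algo: str = "sha1") -> str:
    """entries: iterable of (mode, name, object_id_hex) for blob entries.
    Each entry is serialised as "<mode> <name>\\0<raw id bytes>", sorted by name."""
    payload = b"".join(
        f"{mode} {name}".encode() + b"\0" + bytes.fromhex(oid)
        for mode, name, oid in sorted(entries, key=lambda e: e[1])
    )
    return git_object_id("tree", payload, algo)


def build_tree(files: dict, algo: str = "sha1") -> dict:
    """Hash a flat directory of files under one algorithm and return the
    per-file blob ids plus the tree id that references them. Calling this
    twice with different algorithms yields the real tree and its shadow."""
    blobs = {name: blob_id(data, algo) for name, data in files.items()}
    tree = tree_id([("100644", name, oid) for name, oid in blobs.items()], algo)
    return {"algo": algo, "blobs": blobs, "tree": tree}


def blob_matches(stored_id: str, data: bytes, algo: str = "sha1") -> bool:
    """The consistency check: does the content still hash to the id naming it?"""
    return blob_id(data, algo) == stored_id


# Constructed sample repository contents (not taken from any real project).
FILES = {"hello.txt": b"hello\n", "README": b"sample repo\n"}


def demo() -> dict:
    real = build_tree(FILES, "sha1")       # what git stores today
    shadow = build_tree(FILES, "sha256")   # shadow tree: same layout, stronger ids
    same_layout = list(real["blobs"]) == list(shadow["blobs"])
    ids_differ = real["tree"] != shadow["tree"] and all(
        real["blobs"][n] != shadow["blobs"][n] for n in FILES)

    # A flipped byte (disk error, bad transfer) no longer hashes to the stored
    # id, so the hash alone catches accidental corruption.
    corrupted = b"hellp\n"
    accidental_detected = not blob_matches(real["blobs"]["hello.txt"], corrupted)

    # Whoever can rewrite the object store can rewrite the id alongside the
    # data, and the same check passes: the hash detects damage, not tampering.
    # Tamper-resistance has to come from a signature over the tree/commit id,
    # which is why a stronger hash matters for signed history.
    tampered = b"hello, world\n"
    recomputed_id = blob_id(tampered)
    tamper_passes_check = blob_matches(recomputed_id, tampered)

    return {
        "same_layout": same_layout,
        "ids_differ": ids_differ,
        "accidental_detected": accidental_detected,
        "tamper_passes_check": tamper_passes_check,
        "sha1_tree": real["tree"],
        "sha256_tree": shadow["tree"],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

`blob_id(b"hello\n")` reproduces the id `git hash-object` gives for that content, which is the check that the header construction is faithful; the SHA-256 run produces a tree with exactly the same entries and modes, only the ids change, which is all the shadow tree proposal needs.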

------
Tiquor
The author seems to be missing a bit of Linus' point. It seems that the point
Linus is making is that a collision along with the underlying data being
meaningful is orders of magnitude harder than the collision, or produces
easily detectable aberrations. I'm not a cryptographic expert either but the
author seems to be thinking more in a world of passwords where the underlying
data often remains unknown. I think Linus is being somewhat pragmatic too and
basically saying that if you think this is a problem then the whole thing is a
house of cards.

------
sgdread
Very interesting way to start a blogging career: never learn about the subject
(SHA-1 and its role in git), call the creator a moron and then rant on security
issues with SHA-1 without realizing SHA-1 is just a hash and has no security
function in git (at least in the context Linus posted his reply 10 years ago).

~~~
alexandrerond
Well, isn't it nice when a blog uncovers so much about its author right from
the first post?

