git-commit-vandalism/Documentation/technical
Ævar Arnfjörð Bjarmason 5988eb631a doc hash-function-transition: clarify what SHAttered means
Attempt to clarify what the SHAttered attack means in practice for
Git. The previous version of the text made no mention whatsoever of
Git already having a mitigation for this specific attack, which the
SHAttered researchers claim will detect cryptanalytic collision
attacks.

I may have gotten some of the nuances wrong, but as far as I know this
new text accurately summarizes the current situation with SHA-1 in
git. I.e. git doesn't really use SHA-1 anymore, it uses
Hardened-SHA-1 (they just so happen to produce the same outputs
99.99999999999...% of the time).

Thus the previous text was incorrect in asserting that:

    [...]As a result [of SHAttered], SHA-1 cannot be considered
    cryptographically secure any more[...]

That's not the case. We have a mitigation against SHAttered, *however*
we consider it prudent to move to work towards a NewHash should future
vulnerabilities in either SHA-1 or Hardened-SHA-1 emerge.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2018-03-27 19:08:31 -07:00
..
.gitignore
api-allocation-growing.txt
api-argv-array.txt api-argv-array.txt: remove broken link to string-list API 2017-10-06 21:16:03 +09:00
api-config.txt config: remove git_config_maybe_bool 2017-09-07 09:48:20 +09:00
api-credentials.txt
api-diff.txt
api-directory-listing.txt status: document options to show matching ignored files 2017-10-31 11:54:21 +09:00
api-error-handling.txt
api-gitattributes.txt attr: retire git_check_attrs() API 2017-02-01 13:46:52 -08:00
api-grep.txt
api-history-graph.txt
api-index-skel.txt
api-index.sh
api-merge.txt
api-object-access.txt sha1_file: convert pretend_sha1_file to object_id 2018-01-30 10:42:35 -08:00
api-oid-array.txt Documentation: update and rename api-sha1-array.txt 2017-03-31 08:33:56 -07:00
api-parse-options.txt timestamp_t: a new data type for timestamps 2017-04-27 13:07:39 +09:00
api-quote.txt
api-ref-iteration.txt refs: remove dead for_each_*_submodule() 2017-08-24 14:56:28 -07:00
api-remote.txt
api-revision-walking.txt
api-run-command.txt
api-setup.txt pathspec: remove the deprecated get_pathspec function 2017-01-08 18:04:17 -08:00
api-sigchain.txt
api-submodule-config.txt Correct mispellings of ".gitmodule" to ".gitmodules" 2018-02-14 11:34:34 -08:00
api-trace.txt
api-tree-walking.txt tree-walk: convert fill_tree_descriptor() to object_id 2017-08-14 12:38:54 -07:00
api-xdiff-interface.txt
bitmap-format.txt
hash-function-transition.txt doc hash-function-transition: clarify what SHAttered means 2018-03-27 19:08:31 -07:00
http-protocol.txt smart-http: document flush after "# service" line 2018-03-05 11:05:19 -08:00
index-format.txt fsmonitor: add documentation for the fsmonitor extension. 2017-10-01 17:23:05 +09:00
long-running-process-protocol.txt Docs: split out long-running subprocess handshake 2018-01-25 11:24:32 -08:00
pack-format.txt
pack-heuristics.txt
pack-protocol.txt Merge branch 'jh/partial-clone' 2018-02-13 13:39:04 -08:00
partial-clone.txt partial-clone: design doc 2017-12-14 13:10:57 -08:00
protocol-capabilities.txt upload-pack: add object filtering for partial clone 2017-12-08 09:58:51 -08:00
protocol-common.txt
racy-git.txt
repository-version.txt extension.partialclone: introduce partial clone extension 2017-12-05 09:46:05 -08:00
send-pack-pipeline.txt
shallow.txt
signature-format.txt
trivial-merge.txt treewide: correct several "up-to-date" to "up to date" 2017-08-23 12:17:22 -07:00