SHA-1 collision found

On February 23rd, 2017, it was publicly announced that a collision had been found for SHA-1, the cryptographic hash function that Git uses to name Git objects (blobs, trees, commits, annotated tags).
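To make the Git connection concrete, here is an added illustration (not code from the original article, and not Git's own implementation) of how an object name is derived from SHA-1: Git hashes a header made of the object type, a space, the content length in bytes and a NUL byte, followed by the content itself. Because that header is part of the hashed input, two files that collide as raw SHA-1 inputs do not automatically collide as Git blobs; an attacker has to target the object form, header included. The expected object names in the comments are the standard Git values for the empty blob, the empty tree and the blob containing "hello\n".

```python
import hashlib

# Object types Git stores; anything else is not a valid loose-object header.
GIT_OBJECT_TYPES = ("blob", "tree", "commit", "tag")


def git_object_id(kind: str, data: bytes) -> str:
    """Return the hex SHA-1 that Git uses as the name of `data` stored as `kind`.

    This mirrors `git hash-object -t <kind>`: the hash covers
    b"<kind> <len>\\0" + data, not the bare content.
    """
    if kind not in GIT_OBJECT_TYPES:
        raise ValueError(f"unknown git object type: {kind!r}")
    header = f"{kind} {len(data)}\0".encode("ascii")
    return hashlib.sha1(header + data).hexdigest()


def raw_sha1(data: bytes) -> str:
    """Plain SHA-1 of the bytes, as `sha1sum` would report it."""
    return hashlib.sha1(data).hexdigest()


def same_git_name(kind: str, a: bytes, b: bytes) -> bool:
    """True if two contents would be stored under the same Git object name.

    Note that a differing length alone already yields a differing header,
    so equal-length inputs are the only interesting case for a collision.
    """
    return git_object_id(kind, a) == git_object_id(kind, b)


if __name__ == "__main__":
    # Constructed sample inputs; the expected values are well-known Git names.
    print(git_object_id("blob", b""))        # e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
    print(git_object_id("tree", b""))        # 4b825dc642cb6eb9a060e54bf8d69288fbee4904
    print(git_object_id("blob", b"hello\n")) # ce013625030ba8dba906f756967f9e9ca394464a
    # The raw SHA-1 of the same bytes is a different value entirely.
    print(raw_sha1(b"hello\n"))
    # Same bytes, different object type: different header, different name.
    print(same_git_name("blob", b"hello\n", b"hello\n"))  # True
    print(git_object_id("blob", b"x") == git_object_id("commit", b"x"))  # False
```

You can cross-check any of these against a real Git binary with `printf 'hello\n' | git hash-object --stdin`; the point of the header is exactly why `git hash-object` and `sha1sum` disagree on the same file.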

Details of the collision and how it was carried out, together with algorithms and code to detect inputs crafted by this kind of collision attack, were published at the same time.

This prompted numerous news articles about Git and SHA-1, for example on LWN.net:

as well as many discussions on the mailing list.

Several patch series have also been circulating. Moreover, plans to move Git away from SHA-1 have been shared and discussed.

Linus Torvalds, for example, sent a "Typesafer git hash" patch as a first step toward removing Git's implicit dependencies on SHA-1. This single large patch, though, is not consistent with the incremental approach Brian Carlson has been following on the same issue for a long time. Junio Hamano has not commented on the patch yet, so for the time being it is not at all certain that this topic will move much faster.

Work on integrating the collision-detection code into a new SHA-1 implementation for Git was started by Jeff King, who added a USE_SHA1DC knob to the Makefile, and was then picked up by Linus. The original detection code was written by Marc Stevens, working for CWI, and Dan Shumow, working for Microsoft. Interestingly, both Marc and Dan chimed in on the discussion. Dan agreed to work on adaptations and performance improvements for Git, and on upstreaming this work into the original code base. Junio participated in the discussions too, and it looks as if the resulting patch series could be merged for the next Git release; the 'jk/sha1dc' topic is currently in the 'pu' branch.

One of the plans to move Git away from SHA-1 was contributed by Jonathan Nieder, Stefan Beller, Jonathan Tan and Brandon Williams, who are all working in the same team at Google. The latest version of this plan is available in a Google document where it can be commented on. It has also been discussed in the following threads:

Another plan was posted by Ian Jackson; it also generated some discussion.

It is worth noting that Git is not the only version control system affected by the issue. Here are a few related posts: