On Sun, 10 Apr 2005, Junio C Hamano wrote:
> >>>>> "DL" == David Lang <[email protected]> writes:
>
> DL> just wanted to point out that recent news shows that sha1 isn't as
> DL> good as it was thought to be (far easier to deliberatly create
> DL> collisions then it should be)
>
> I suspect there is no need to do so...
It's possible to generate another object with the same hash, but:
- you can't just take your desired object and do magic to make it hash
right
- it may not have the same length (almost certainly)
- it's still non-trivial in terms of computation needed
>
> Message-ID: <[email protected]>
> From: Linus Torvalds <[email protected]>
> Subject: Re: Kernel SCM saga..
> Date: Sat, 9 Apr 2005 09:16:22 -0700 (PDT)
>
> ...
>
> Linus
>
> (*) yeah, yeah, I know about the current theoretical case, and I don't
> care. Not only is it theoretical, the way my objects are packed you'd have
> to not just generate the same SHA1 for it, it would have to _also_ still
> be a valid zlib object _and_ get the header to match the "type + length"
> of object part. IOW, the object validity checks are actually even stricter
> than just "sha1 matches".
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
--
bill davidsen <[email protected]>
CTO, TMR Associates, Inc
Doing interesting things with little computers since 1979.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]