lord:
> I would expect someone to have on hand a small number of blobs that are
> different but have different hashes and, eventually, to drop said files
> into a blob-based infrastructure to wreak havoc.

cscott:
This is just ridiculous. The number of known collisions in SHA1 is *exactly zero* at this point in time --- not guaranteed to stay that way, of course, but generating collisions is likely to remain relatively expensive for some time.

Blob-dbs and the low-level object system (trees, file-contents, and changesets) are pretty fundamental things. It is likely (and desirable) -- not guaranteed but likely (and desirable) -- that people will invest heavily in building infrastructure that operates solely at that level of abstraction. Arguably, that is already happening.

Simultaneously, it is very desirable that some mathematician somewhere will discover two bitstrings which are different but have SHA1 checksums, and then tell everyone in the world about their discovery.

My point is simply that blob-db implementations should assume that the mathematicians will succeed and take the small steps necessary to make sure that those bitstrings can't be used to crash a distributed blob-db infrastructure.

-t

Received on Sat Apr 30 06:44:09 2005
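One small step of the kind the message asks for is to compare bytes whenever an incoming blob's id is already present in the store, and to refuse the write if they differ. The sketch below is an added example, not code from this thread or from git; `BlobStore`, `CollisionError`, `weak_digest` and `find_colliding_pair` are hypothetical names, and the 8-bit truncated digest is a constructed stand-in used only so that a collision can be produced for the demonstration.

```python
import hashlib
import itertools

class CollisionError(Exception):
    """Two different byte strings mapped to the same blob id."""

class BlobStore:
    """In-memory content-addressed store keyed by a hash of the content."""

    def __init__(self, digest=lambda data: hashlib.sha1(data).hexdigest()):
        self._digest = digest
        self._blobs = {}

    def put(self, data: bytes) -> str:
        key = self._digest(data)
        existing = self._blobs.get(key)
        if existing is None:
            self._blobs[key] = bytes(data)
        elif existing != data:
            # Same id, different bytes: keep the first blob, refuse the second.
            raise CollisionError(key)
        return key

    def get(self, key: str) -> bytes:
        return self._blobs[key]

def weak_digest(data: bytes) -> str:
    """Constructed stand-in: SHA-1 cut to 8 bits so collisions are easy to find."""
    return hashlib.sha1(data).hexdigest()[:2]

def find_colliding_pair(digest):
    """Search constructed inputs for two different blobs with the same id."""
    seen = {}
    for i in itertools.count():
        blob = b"constructed-blob-%d" % i
        other = seen.setdefault(digest(blob), blob)
        if other != blob:
            return other, blob

def demo():
    first, second = find_colliding_pair(weak_digest)
    store = BlobStore(digest=weak_digest)
    key = store.put(first)
    try:
        store.put(second)          # colliding blob must be rejected
    except CollisionError:
        return store.get(key) == first   # original content is untouched
    return False
```

With the check in place a colliding blob is surfaced as an explicit error at write time, and the content already stored under that id is never replaced.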