Announcement

Collapse
No announcement yet.

Git 2.29 Released With Experimental Support For Using More Secure SHA-256

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • oleid
    replied
    Originally posted by jntesteves View Post
    • Better performance.
    I personally think that's why BLAKE2 would be a better choice than SHA3.


    Leave a comment:


  • jntesteves
    replied
    Originally posted by oleid View Post

    They share little besides the name. Certain classes of attacks are not possible with sha3.

    https://crypto.stackexchange.com/que...-3-and-sha-256
    Exactly, hence we use HMAC and all is good and well. This use case can potentially be better served by SHA-3, but even that is not a no-brainer, you should consider your priorities carefully. But where you absolutely don't need resistance to length extension attacks, as is the case with git as documented in the link adler187 posted above [1], SHA-2 offers the following advantages over SHA-3, which might be important to some projects:
    • Proven by time. SHA-2 has been used in the wild for a while and never broken. SHA-3 is new and less tried;
    • Widely available. There are SHA-2 libraries in every platform going back many years;
    • Many independent implementations;
    • Better performance.
    This bullet list clicks a lot with git, so the choice is kinda obvious to me.

    [1] https://github.com/git/git/blob/mast....txt#L603-L634

    Leave a comment:


  • oleid
    replied
    Originally posted by jntesteves View Post

    OK, but why? Becauze 3 bigger then 2?
    They share little besides the name. Certain classes of attacks are not possible with sha3.

    https://crypto.stackexchange.com/que...-3-and-sha-256

    Leave a comment:


  • uid313
    replied
    Originally posted by jntesteves View Post

    OK, but why? Becauze 3 bigger then 2?

    As developers we should keep in mind that SHA-3 does not deprecate SHA-2. I always consider using SHA-3 where I needed HMAC with SHA-2 before, but other than that, why? (I'm not a cryptographer so I'm well receptive of actual knowledgeable arguments on this)
    Yeah, pretty much that, because 3 is bigger than 2.
    I don't know much about cryptography either.

    Leave a comment:


  • zxy_thf
    replied
    Originally posted by oleid View Post

    It didn't really mention why not more modern hashes were used. I mean, one could argue they are not wide-spread enough. But it should be easy to simply copy&paste a C implementation to the repo as fallback. Nevertheless, sha256 is a solid choice, today. Maybe it will be easier to migrate to a better solution in 10 years.
    One thing that really makes me feel uneasy about their choice is, SHA-2's structure is very much like SHA-1.
    Consider the current transition progress, it is very possible that another major weakness would be found within a few years of finishing SHA-2 transition.

    Leave a comment:


  • jntesteves
    replied
    Originally posted by uid313 View Post
    SHA-2? What about SHA-3 (Keccak) or BLAKE3?
    OK, but why? Becauze 3 bigger then 2?

    As developers we should keep in mind that SHA-3 does not deprecate SHA-2. I always consider using SHA-3 where I needed HMAC with SHA-2 before, but other than that, why? (I'm not a cryptographer so I'm well receptive of actual knowledgeable arguments on this)

    Leave a comment:


  • Vistaus
    replied
    in b4 "why would anyone choose Git over Mercurial/SVN/etc.?" and "is Git easier to use now?"

    Leave a comment:


  • oleid
    replied
    It didn't really mention why not more modern hashes were used. I mean, one could argue they are not wide-spread enough. But it should be easy to simply copy&paste a C implementation to the repo as fallback. Nevertheless, sha256 is a solid choice, today. Maybe it will be easier to migrate to a better solution in 10 years.







    Leave a comment:


  • adler187
    replied
    Originally posted by uid313 View Post
    SHA-2? What about SHA-3 (Keccak) or BLAKE3?
    See https://github.com/git/git/blob/mast....txt#L603-L634

    Leave a comment:


  • uid313
    replied
    SHA-2? What about SHA-3 (Keccak) or BLAKE3?

    Leave a comment:

Working...
X