[Whonix-devel] How safe are signed git tags? Only as safe as SHA-1 or somehow safer?

Duy Nguyen pclouds at gmail.com
Mon Nov 24 12:44:10 CET 2014


On Mon, Nov 24, 2014 at 5:15 PM, Michael J Gruber
<git at drmicha.warpmail.net> wrote:
> Duy Nguyen schrieb am 24.11.2014 um 02:23:
>> On Tue, Nov 18, 2014 at 4:26 AM, Jeff King <peff at peff.net> wrote:
>>> Yes, it is only as "safe as SHA-1" in the sense that you have GPG-signed
>>> only a SHA-1 hash. If somebody can find a collision with a hash you have
>>> signed, they can substitute the colliding data for the data you signed.
>>
>> I wonder if we can have an option to sign all blob content of the tree
>> associated to a commit, and the content of parent commit(s). It's more
>> expensive than signing just commit/tag content. But it's also safer
>> without completely ditching SHA-1.
>>
>
> This amounts to hashing the blob content with whatever hash you told
> your gpg to use (hopefully not sha1 ;) ) and signing that.
>
> You're free to do that now and store the signature wherever your
> toolchain deems fit, say in a note or an annotated tag. But that
> approach won't sign the history, that is: If you are concerned about the
> breakability of sha1, then history is "possibly broken" no matter how
> you sign a commit object whose "parent" entry is based on the sha1 of
> its parent object.

If you store the singature in commit message, and if you hash the
parent commit messages as well, which are also signed, then you have
the same chaining effect that we have with SHA-1. I think this could
be done with some hooks already, except maybe for the verification
part.
-- 
Duy


More information about the Whonix-devel mailing list