Git (and thus Github) relies on the SHA-1 hash function to guarantee that files can't be secretly changed. Now a collision has been found: two different files that produce the same hash. The commercial cost to create one would be around 100 BTC at the moment. Is this a problem for Monero? Could we implement a safer hash function or would we have to wait for git to fix this?
Asked
Active
Viewed 107 times
1 Answers
7
It'd need to wait for git to implement stronger collision resistance. Work is underway for this: http://www.metzdowd.com/pipermail/cryptography/2017-February/031606.html
However, Linus (original creator of git) thinks it's not that easy to exploit in git: https://plus.google.com/+LinusTorvalds/posts/7tp2gYWQugL
user36303
- 34,928
- 2
- 58
- 123