Home » Mailing list archives » git » 2006 » August » 27

Starting to think about sha-256?

!MAILaRCHIVE_VOTE_RePLACE
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Jeff Garzik <jeff@...>
To: Git Mailing List <git@...>
Subject: Starting to think about sha-256?
Date: Sunday, August 27, 2006 - 1:56 pm

Recent press[1] is talking about sha-1 collisions again.  Even though 
the reported attack was against a weakened variant of sha-1 (64, not 80, 
passes), it serves as a useful point to start talking about the future.

I argue that sha-256 is better suited to git's purposes, and to modern 
machines, than sha-1.

Upsides to sha-256:
* not just a bit increase, but a stronger algorithm.  there is more 
mixing, doing a more-than-incrementally better job at avoiding collisions.
* the bit increase itself provides more hash space, theoretically 
reducing collisions.
* properly aligned, a set of 32-byte hashes won't straddle CPU cachelines.

Downsides to sha-256:
* git protocol/storage format change implications.
* increase in storage size (20 to 32 bytes per hash).
* fewer hand-optimized algorithm variants have been implemented.
* likely more CPU cycles per hash, though I haven't measured.

Wikimedia page has lotsa info: 
http://en.wikipedia.org/wiki/Secure_Hash_Algorithm

Maybe sha-256 could be considered for the next major-rev of git?

	Jeff


[1] http://www.heise-security.co.uk/news/77244

-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
Starting to think about sha-256?, Jeff Garzik, (Sun Aug 27, 1:56 pm)
Re: Starting to think about sha-256?, Florian Weimer, (Tue Aug 29, 2:17 am)
Re: Starting to think about sha-256?, Krzysztof Halasa, (Sun Aug 27, 4:30 pm)
Re: Starting to think about sha-256?, Linus Torvalds, (Sun Aug 27, 4:46 pm)
Re: Starting to think about sha-256?, Johannes Schindelin, (Sun Aug 27, 6:02 pm)
Re: Starting to think about sha-256?, Linus Torvalds, (Sun Aug 27, 6:35 pm)
Re: Starting to think about sha-256?, David Lang, (Mon Aug 28, 1:27 pm)
Re: Starting to think about sha-256?, Linus Torvalds, (Mon Aug 28, 1:56 pm)
Re: Starting to think about sha-256?, Johannes Schindelin, (Mon Aug 28, 7:09 pm)
Re: Starting to think about sha-256?, Linus Torvalds, (Mon Aug 28, 7:48 pm)
Re: Starting to think about sha-256?, Krzysztof Halasa, (Mon Aug 28, 4:12 pm)
Re: Starting to think about sha-256?, Linus Torvalds, (Mon Aug 28, 4:20 pm)
Re: Starting to think about sha-256?, Krzysztof Halasa, (Mon Aug 28, 5:12 pm)
Re: Starting to think about sha-256?, Linus Torvalds, (Mon Aug 28, 5:23 pm)
Re: Starting to think about sha-256?, Jeff King, (Mon Aug 28, 2:32 pm)
Re: Starting to think about sha-256?, Linus Torvalds, (Mon Aug 28, 2:46 pm)
Re: Starting to think about sha-256?, Jeff King, (Mon Aug 28, 3:00 pm)
Re: Starting to think about sha-256?, Linus Torvalds, (Mon Aug 28, 2:06 pm)
Re: Starting to think about sha-256?, Krzysztof Halasa, (Sun Aug 27, 5:14 pm)