Targeted sha-1 collisions now apparently much more possible and cheaper with new research https://www.zdnet.com/article/sha-1-collision-attacks-are-now-actually-practical-and-a-looming-danger/
How long till someone introduces an intentional cycle in a git repository? Anyone want to place bets on which one? My guess: the linux kernel, sometime in the next 1.5 years.
HT @rixx for the link
@cwebber question is, does the sha1 variant hardened against SHAttered detect this, and/or can it be improved to detect this?
@joeyh do you have a writeup somewhere on how you did so?
@cwebber no, but basically have enough control over your data formats that there's no place to hide the added data that makes the collision happen
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!