Fossil SCM
Updated the "SHA-3 vs SHA-2 vs SHA-1" section of the fossil-v-git article to cover Brian M. Carlson's plan for migrating Git to SHA-256.
Commit
4fdc8db06a3043a1dd4cb5cf5d8792dbc1a360ca08d9c45c817e94fcfa70c166
Parent
f5e02af3ab16ec1…
1 file changed
+31
-19
+31
-19
| --- www/fossil-v-git.wiki | ||
| +++ www/fossil-v-git.wiki | ||
| @@ -822,33 +822,45 @@ | ||
| 822 | 822 | Fossil delivered a new release allowing a clean migration to |
| 823 | 823 | [https://en.wikipedia.org/wiki/SHA-3|256-bit SHA-3] with |
| 824 | 824 | [./hashpolicy.wiki|full backwards compatibility] to old SHA-1 based |
| 825 | 825 | repositories. |
| 826 | 826 | |
| 827 | -By mid-2019, that feature arrived in every software package repository | |
| 828 | -shipping Fossil, the last mover being Debian's stable package repo, | |
| 829 | -which has a highly conservative policy on upgrading to new versions. | |
| 830 | -With that hurdle run, we were able to change the default hash mode in | |
| 831 | -Fossil 2.10 (released 2019-10-04) to require SHA-3 support both for new | |
| 832 | -repositories and to create SHA-3 hashes in existing repos, effectively | |
| 833 | -upgrading them if they were created with Fossil 1.<i>x</i>. This not | |
| 827 | +In October 2019, after the last of the major binary | |
| 828 | +package repos offering Fossil upgraded to Fossil 2.<i>x</i>, | |
| 829 | +we switched the default hash mode so that from | |
| 830 | +Fossil 2.10 forward, the conversion to SHA-3 is fully automatic. | |
| 831 | +This not | |
| 834 | 832 | only solves the SHAttered problem, it should prevent a reoccurrence of |
| 835 | 833 | similar problems for the foreseeable future. |
| 836 | 834 | |
| 837 | -Meanwhile, the Git community took until August 2018 to announce | |
| 838 | -[https://git-scm.com/docs/hash-function-transition/2.18.0|their plan] | |
| 839 | -for solving the same problem by moving to SHA-256 (a variant of the | |
| 840 | -[https://en.wikipedia.org/wiki/SHA-2|older SHA-2 algorithm]) and until | |
| 841 | -February 2019 to release a version containing the change. It's looking | |
| 842 | -like this will take years more to percolate through the community. | |
| 843 | - | |
| 844 | -The practical impact of SHAttered on structured data stores like the one | |
| 845 | -in Git and Fossil isn't clear, but you want to have your repositories | |
| 835 | +Meanwhile, the Git community took until August 2018 to publish | |
| 836 | +[https://git-scm.com/docs/hash-function-transition/|their first plan] | |
| 837 | +for solving the same problem by moving to SHA-256, a variant of the | |
| 838 | +[https://en.wikipedia.org/wiki/SHA-2 | older SHA-2 algorithm]. As of | |
| 839 | +this writing in February 2020, that plan hasn't been implemented, as far | |
| 840 | +as this author is aware, but there is now | |
| 841 | +[https://lwn.net/ml/git/[email protected]/ | |
| 842 | +| a competing SHA-256 based plan] which requires complete repository | |
| 843 | +conversion from SHA-1 to SHA-256, breaking all public hashes in the | |
| 844 | +repo. One way to characterize such a massive upheaval in Git terms is a | |
| 845 | +whole-project rebase, which violates | |
| 846 | +[https://blog.axosoft.com/golden-rule-of-rebasing-in-git/ | Git's own | |
| 847 | +Golden Rule of Rebasing]. | |
| 848 | + | |
| 849 | +Regardless of the eventual implementation details, we fully expect Git | |
| 850 | +to move off SHA-1 eventually and for the changes to take years more to | |
| 851 | +percolate through the community. | |
| 852 | + | |
| 853 | +Almost three years after Fossil solved this problem, the | |
| 854 | +[https://sha-mbles.github.io/ | SHAmbles attack] was published, further | |
| 855 | +weakening the case for continuing to use SHA-1. | |
| 856 | + | |
| 857 | +The practical impact of attacks like SHAttered and SHAmbles on the | |
| 858 | +Git and Fossil blockchains isn't clear, but you want to have your repositories | |
| 846 | 859 | moved over to a stronger hash algorithm before someone figures out how |
| 847 | -to make use of the weaknesses in the old one. Fossil's developers moved | |
| 848 | -on this problem quickly and had a widely-deployed solution to it years | |
| 849 | -ago. | |
| 860 | +to make use of the weaknesses in the old one. Fossil had this covered | |
| 861 | +for years now, so that the solution is now almost universally deployed. | |
| 850 | 862 | |
| 851 | 863 | <hr/> |
| 852 | 864 | |
| 853 | 865 | <h3>Asides and Digressions</h3> |
| 854 | 866 | |
| 855 | 867 |
| --- www/fossil-v-git.wiki | |
| +++ www/fossil-v-git.wiki | |
| @@ -822,33 +822,45 @@ | |
| 822 | Fossil delivered a new release allowing a clean migration to |
| 823 | [https://en.wikipedia.org/wiki/SHA-3|256-bit SHA-3] with |
| 824 | [./hashpolicy.wiki|full backwards compatibility] to old SHA-1 based |
| 825 | repositories. |
| 826 | |
| 827 | By mid-2019, that feature arrived in every software package repository |
| 828 | shipping Fossil, the last mover being Debian's stable package repo, |
| 829 | which has a highly conservative policy on upgrading to new versions. |
| 830 | With that hurdle run, we were able to change the default hash mode in |
| 831 | Fossil 2.10 (released 2019-10-04) to require SHA-3 support both for new |
| 832 | repositories and to create SHA-3 hashes in existing repos, effectively |
| 833 | upgrading them if they were created with Fossil 1.<i>x</i>. This not |
| 834 | only solves the SHAttered problem, it should prevent a reoccurrence of |
| 835 | similar problems for the foreseeable future. |
| 836 | |
| 837 | Meanwhile, the Git community took until August 2018 to announce |
| 838 | [https://git-scm.com/docs/hash-function-transition/2.18.0|their plan] |
| 839 | for solving the same problem by moving to SHA-256 (a variant of the |
| 840 | [https://en.wikipedia.org/wiki/SHA-2|older SHA-2 algorithm]) and until |
| 841 | February 2019 to release a version containing the change. It's looking |
| 842 | like this will take years more to percolate through the community. |
| 843 | |
| 844 | The practical impact of SHAttered on structured data stores like the one |
| 845 | in Git and Fossil isn't clear, but you want to have your repositories |
| 846 | moved over to a stronger hash algorithm before someone figures out how |
| 847 | to make use of the weaknesses in the old one. Fossil's developers moved |
| 848 | on this problem quickly and had a widely-deployed solution to it years |
| 849 | ago. |
| 850 | |
| 851 | <hr/> |
| 852 | |
| 853 | <h3>Asides and Digressions</h3> |
| 854 | |
| 855 |
| --- www/fossil-v-git.wiki | |
| +++ www/fossil-v-git.wiki | |
| @@ -822,33 +822,45 @@ | |
| 822 | Fossil delivered a new release allowing a clean migration to |
| 823 | [https://en.wikipedia.org/wiki/SHA-3|256-bit SHA-3] with |
| 824 | [./hashpolicy.wiki|full backwards compatibility] to old SHA-1 based |
| 825 | repositories. |
| 826 | |
| 827 | In October 2019, after the last of the major binary |
| 828 | package repos offering Fossil upgraded to Fossil 2.<i>x</i>, |
| 829 | we switched the default hash mode so that from |
| 830 | Fossil 2.10 forward, the conversion to SHA-3 is fully automatic. |
| 831 | This not |
| 832 | only solves the SHAttered problem, it should prevent a reoccurrence of |
| 833 | similar problems for the foreseeable future. |
| 834 | |
| 835 | Meanwhile, the Git community took until August 2018 to publish |
| 836 | [https://git-scm.com/docs/hash-function-transition/|their first plan] |
| 837 | for solving the same problem by moving to SHA-256, a variant of the |
| 838 | [https://en.wikipedia.org/wiki/SHA-2 | older SHA-2 algorithm]. As of |
| 839 | this writing in February 2020, that plan hasn't been implemented, as far |
| 840 | as this author is aware, but there is now |
| 841 | [https://lwn.net/ml/git/[email protected]/ |
| 842 | | a competing SHA-256 based plan] which requires complete repository |
| 843 | conversion from SHA-1 to SHA-256, breaking all public hashes in the |
| 844 | repo. One way to characterize such a massive upheaval in Git terms is a |
| 845 | whole-project rebase, which violates |
| 846 | [https://blog.axosoft.com/golden-rule-of-rebasing-in-git/ | Git's own |
| 847 | Golden Rule of Rebasing]. |
| 848 | |
| 849 | Regardless of the eventual implementation details, we fully expect Git |
| 850 | to move off SHA-1 eventually and for the changes to take years more to |
| 851 | percolate through the community. |
| 852 | |
| 853 | Almost three years after Fossil solved this problem, the |
| 854 | [https://sha-mbles.github.io/ | SHAmbles attack] was published, further |
| 855 | weakening the case for continuing to use SHA-1. |
| 856 | |
| 857 | The practical impact of attacks like SHAttered and SHAmbles on the |
| 858 | Git and Fossil blockchains isn't clear, but you want to have your repositories |
| 859 | moved over to a stronger hash algorithm before someone figures out how |
| 860 | to make use of the weaknesses in the old one. Fossil had this covered |
| 861 | for years now, so that the solution is now almost universally deployed. |
| 862 | |
| 863 | <hr/> |
| 864 | |
| 865 | <h3>Asides and Digressions</h3> |
| 866 | |
| 867 |