go-multihash

Use collision-detecting SHA1 alg

Open magik6k opened this issue 8 years ago • 2 comments

It's possible to detect cryptanalytic collision attacks on SHA1. There is a lib in C which implements SHA1 with this 'extension' (https://github.com/cr-marcstevens/sha1collisiondetection); we should consider using that here.

magik6k, Oct 11 '17 23:10

I felt inspired to poke at this recently and it seemed easy enough: https://github.com/aschmahmann/go-sha1collisiondetection/pull/1.

However, I can't see how I would register this in go-multihash since the registry takes a hash.Hash (https://pkg.go.dev/hash#Hash) which inconveniently has no way of returning an error when calling sum. Is it worth introducing any breaking changes here? cc @Stebalien @warpfork @magik6k

Perhaps this is the only hash function that can result in an error, but I could see other scenarios such as hash functions that only work for data of a particular format that's not fixable by just padding zeros.


Note: there's also a difference between Sum and Finalize in the underlying C library in that the C library modifies the internal state and doesn't append bytes to the end of a slice, but those are very fixable.

aschmahmann, Apr 25 '22 20:04

Fallible hashers are... annoying. The Rust API doesn't make any room for them either.

One solution would be to change the hash digest. E.g., if we run into a "broken" hash, we take the first 128 bits of a sha256 hash instead.

Also note: we probably don't want to require cgo for this library, if at all possible.

Stebalien, Apr 26 '22 07:04
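
The digest-switching idea from the last comment, sketched as an added example (not code from go-multihash or from either linked repository): a pure-Go wrapper that satisfies `hash.Hash` and returns a truncated SHA-256 when the inner hasher flags its input. `fallibleHash`, `markerSHA1`, `fallback` and `digest` are hypothetical names, the detector is a constructed stand-in that flags a marker string rather than performing real collision detection, and truncating to the 20-byte SHA1 length (rather than the 128 bits mentioned) is an assumption made so that `Size()` stays accurate.

```go
package main

import (
	"bytes"
	"crypto/sha1"
	"crypto/sha256"
	"errors"
	"fmt"
	"hash"
)

// fallibleHash is hypothetical: a hash.Hash that can also report rejected input.
type fallibleHash interface { hash.Hash; Err() error }

// markerSHA1 is a constructed stand-in, NOT real collision detection: plain SHA1 that flags marker.
type markerSHA1 struct { hash.Hash; err error }

var marker = []byte("CONSTRUCTED-COLLISION-MARKER")

func (m *markerSHA1) Write(p []byte) (int, error) {
	if bytes.Contains(p, marker) {
		m.err = errors.New("collision detected")
	}
	return m.Hash.Write(p)
}
func (m *markerSHA1) Reset()     { m.err = nil; m.Hash.Reset() }
func (m *markerSHA1) Err() error { return m.err }

// fallback satisfies hash.Hash: Sum cannot fail, so it switches digest instead.
type fallback struct {
	fallibleHash           // Size, BlockSize and Err are promoted from here
	alt          hash.Hash // SHA-256 fed the same bytes
}

func (f *fallback) Write(p []byte) (int, error) { f.alt.Write(p); return f.fallibleHash.Write(p) }
func (f *fallback) Reset()                      { f.alt.Reset(); f.fallibleHash.Reset() }
func (f *fallback) Sum(b []byte) []byte {
	if f.Err() != nil { // flagged: SHA-256 truncated to Size() bytes (assumption)
		return append(b, f.alt.Sum(nil)[:f.Size()]...)
	}
	return f.fallibleHash.Sum(b)
}

func digest(data []byte) []byte {
	var h hash.Hash = &fallback{&markerSHA1{Hash: sha1.New()}, sha256.New()}
	h.Write(data)
	return h.Sum(nil)
}

func main() { fmt.Printf("%x\n%x\n", digest([]byte("hello")), digest(marker)) }
```

A verifier that receives a 20-byte digest cannot tell which branch produced it, so both sides have to run the same wrapper for digests of flagged inputs to match.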