Git and the security of SHA-1
I’ve heard quite a few times about how Git would be broken if someone found an easy way to create SHA-1 collisions.
A few years ago, after some attacks against SHA-1 were published, Linus explained that the security model of Git doesn’t depend on the hashes being cryptographically secure (although he said that it was a bonus and also mentioned a few possible problems).
There was an interesting thread in the Git mailing list about this topic: Starting to think about sha-256?.
Use this link to trackback from your own site.