Opened 3 months ago

Closed 3 months ago

#2515 closed defect (invalid)

Developing over Monotone is a security flaw - SHA1 break

Reported by: anonymous maybe Owned by:
Priority: major Milestone: undecided
Component: other Version: 0.9.40
Keywords: Cc:
Parent Tickets: Sensitive: no

Description

As we know that monotone uses SHA1 (though its dead already), now im not here to discuss whether or not to use monotone because only its dead but now i want to discuss if even developing over monotone is even safe and if not then so as I2P.

  • SHA1 practical break down explained in:

https://shattered.io/

  • Also worth reading:

https://en.wikipedia.org/wiki/SHA-1#Birthday-Near-Collision_Attack_-_first_practical_chosen-prefix_attack

  • Related Proposal:

https://i2pforum.net/viewtopic.php?f=13&t=539

Subtickets

Change History (1)

comment:1 Changed 3 months ago by Eche|on

Resolution: invalid
Status: newclosed
Note: See TracTickets for help on using tickets.