public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Wladimir <laanwj@gmail.com>
To: Roy Badami <roy@gnomon.org.uk>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] bitcoin pull requests
Date: Wed, 3 Apr 2013 05:41:26 +0200	[thread overview]
Message-ID: <CA+s+GJBLUTfu8q2zE4pJ+HO5u-GweGNKZebV=XRhBe7TCPggPg@mail.gmail.com> (raw)
In-Reply-To: <20130401225417.GV65880@giles.gnomon.org.uk>

[-- Attachment #1: Type: text/plain, Size: 7858 bytes --]

Maybe now that bitcoin is growing out of the toy phase it's an idea to
start gpg signing commits, like the Linux kernel (
https://lwn.net/Articles/466468/).

But I suppose then we can't use github anymore to merge as-is and need
manual steps?

Wladimir




On Tue, Apr 2, 2013 at 12:54 AM, Roy Badami <roy@gnomon.org.uk> wrote:

> And the moment I hit send I realised it's not necessarily true.
> Conceivably, a collision attack might help you craft two commits (one
> good, one bad) with the same hash.
>
> But I still maintain what I just posted is true: if someone gets
> malicious code into the repo, it's going to be by social engineering,
> not by breaking the cyrpto.
>
> roy
>
>
> On Mon, Apr 01, 2013 at 11:51:07PM +0100, Roy Badami wrote:
> > The attack Schneier is talking about is a collision attack (i.e. it
> > creates two messages with the same hash, but you don't get to choose
> > either of the messages).  It's not a second preimage attack, which is
> > what you would need to be able to create a message that hashes to the
> > same value of an existing message.
> >
> > (And it neither have anything to do with the birthday paradox, BTW -
> > which relates to the chance of eventually finding two messages that
> > hash to the same value by pure change)
> >
> > If someone gets malicious code into the repo, it's going to be by
> > social engineering, not by breaking the cyrpto.
> >
> > roy
> >
> > On Tue, Apr 02, 2013 at 12:27:51AM +0200, Melvin Carvalho wrote:
> > > On 2 April 2013 00:10, Will <will@phase.net> wrote:
> > >
> > > > The threat of a SHA1 collision attack to insert a malicious pull
> request
> > > > are tiny compared with the other threats - e.g. github being
> compromised,
> > > > one of the core developers' passwords being compromised, one of the
> core
> > > > developers going rogue, sourceforge (distribution site) being
> compromised
> > > > etc etc... believe me there's a lot more to worry about than a SHA1
> > > > attack...
> > > >
> > > > Not meaning to scare, just to put things in perspective - this is
> why we
> > > > all need to peer review each others commits and keep an eye out for
> > > > suspicious commits, leverage the benefits of this project being open
> source
> > > > and easily peer reviewed.
> > > >
> > >
> > > Very good points, and I think you're absolutely right.
> > >
> > > But just running the numbers, to get the picture, based of scheiner's
> > > statistics:
> > >
> > > http://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
> > >
> > > We're talking about a million terrahashes = 2^60 right?
> > >
> > > With the block chain, you only have a 10 minute window, but with source
> > > code you have a longer time to prepare.
> > >
> > > Couldnt this be done with an ASIC in about a week?
> > >
> > >
> > >
> > > >
> > > > Will
> > > >
> > > >
> > > > On 1 April 2013 23:52, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
> > > >
> > > >>
> > > >>
> > > >>
> > > >> On 1 April 2013 20:28, Petr Praus <petr@praus.net> wrote:
> > > >>
> > > >>> An attacker would have to find a collision between two specific
> pieces
> > > >>> of code - his malicious code and a useful innoculous code that
> would be
> > > >>> accepted as pull request. This is the second, much harder case in
> the
> > > >>> birthday problem. When people talk about SHA-1 being broken they
> actually
> > > >>> mean the first case in the birthday problem - find any two
> arbitrary values
> > > >>> that hash to the same value. So, no I don't think it's a feasible
> attack
> > > >>> vector any time soon.
> > > >>>
> > > >>> Besides, with that kind of hashing power, it might be more
> feasible to
> > > >>> cause problems in the chain by e.g. constantly splitting it.
> > > >>>
> > > >>
> > > >> OK, maybe im being *way* too paranoid here ... but what if someone
> had
> > > >> access to github, could they replace one file with one they had
> prepared at
> > > >> some point?
> > > >>
> > > >>
> > > >>>
> > > >>>
> > > >>> On 1 April 2013 03:26, Melvin Carvalho <melvincarvalho@gmail.com>
> wrote:
> > > >>>
> > > >>>>  I was just looking at:
> > > >>>>
> > > >>>> https://bitcointalk.org/index.php?topic=4571.0
> > > >>>>
> > > >>>> I'm just curious if there is a possible attack vector here based
> on the
> > > >>>> fact that git uses the relatively week SHA1
> > > >>>>
> > > >>>> Could a seemingly innocuous pull request generate another file
> with a
> > > >>>> backdoor/nonce combination that slips under the radar?
> > > >>>>
> > > >>>> Apologies if this has come up before ...
> > > >>>>
> > > >>>>
> > > >>>>
> ------------------------------------------------------------------------------
> > > >>>> Own the Future-Intel&reg; Level Up Game Demo Contest 2013
> > > >>>> Rise to greatness in Intel's independent game demo contest.
> > > >>>> Compete for recognition, cash, and the chance to get your game
> > > >>>> on Steam. $5K grand prize plus 10 genre and skill prizes.
> > > >>>> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
> > > >>>> _______________________________________________
> > > >>>> Bitcoin-development mailing list
> > > >>>> Bitcoin-development@lists.sourceforge.net
> > > >>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> > > >>>>
> > > >>>>
> > > >>>
> > > >>
> > > >>
> > > >>
> ------------------------------------------------------------------------------
> > > >> Own the Future-Intel&reg; Level Up Game Demo Contest 2013
> > > >> Rise to greatness in Intel's independent game demo contest.
> > > >> Compete for recognition, cash, and the chance to get your game
> > > >> on Steam. $5K grand prize plus 10 genre and skill prizes.
> > > >> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
> > > >> _______________________________________________
> > > >> Bitcoin-development mailing list
> > > >> Bitcoin-development@lists.sourceforge.net
> > > >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> > > >>
> > > >>
> > > >
> >
> > >
> ------------------------------------------------------------------------------
> > > Own the Future-Intel&reg; Level Up Game Demo Contest 2013
> > > Rise to greatness in Intel's independent game demo contest.
> > > Compete for recognition, cash, and the chance to get your game
> > > on Steam. $5K grand prize plus 10 genre and skill prizes.
> > > Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
> >
> > > _______________________________________________
> > > Bitcoin-development mailing list
> > > Bitcoin-development@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> >
> >
> >
> ------------------------------------------------------------------------------
> > Own the Future-Intel&reg; Level Up Game Demo Contest 2013
> > Rise to greatness in Intel's independent game demo contest.
> > Compete for recognition, cash, and the chance to get your game
> > on Steam. $5K grand prize plus 10 genre and skill prizes.
> > Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
> > _______________________________________________
> > Bitcoin-development mailing list
> > Bitcoin-development@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> >
>
>
> ------------------------------------------------------------------------------
> Own the Future-Intel&reg; Level Up Game Demo Contest 2013
> Rise to greatness in Intel's independent game demo contest.
> Compete for recognition, cash, and the chance to get your game
> on Steam. $5K grand prize plus 10 genre and skill prizes.
> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>

[-- Attachment #2: Type: text/html, Size: 11849 bytes --]

  reply	other threads:[~2013-04-03  3:41 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-04-01  8:26 [Bitcoin-development] bitcoin pull requests Melvin Carvalho
2013-04-01 18:28 ` Petr Praus
2013-04-01 21:52   ` Melvin Carvalho
2013-04-01 22:10     ` Will
2013-04-01 22:27       ` Melvin Carvalho
2013-04-01 22:51         ` Roy Badami
2013-04-01 22:54           ` Roy Badami
2013-04-03  3:41             ` Wladimir [this message]
2013-04-03  3:51               ` Jeff Garzik
2013-04-03 15:52                 ` grarpamp
2013-04-03 16:05                   ` Gavin Andresen
2013-04-03 16:23                     ` grarpamp
     [not found]                       ` <CAAS2fgT06RHBO_0stKQAYLPB39ZAzaCVduFZJROjSzXUP4Db+g@mail.gmail.com>
2013-04-03 18:12                         ` grarpamp
2013-04-04  9:11                           ` Mike Hearn
2013-04-04 10:04                             ` Mike Hearn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CA+s+GJBLUTfu8q2zE4pJ+HO5u-GweGNKZebV=XRhBe7TCPggPg@mail.gmail.com' \
    --to=laanwj@gmail.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=roy@gnomon.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox