Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Silently switch to hardened SHA1 #976

Closed
SoniEx2 opened this issue Aug 16, 2019 · 3 comments
Closed

Silently switch to hardened SHA1 #976

SoniEx2 opened this issue Aug 16, 2019 · 3 comments
Labels
closed:declined scope:core

Comments

@SoniEx2
Copy link

SoniEx2 commented Aug 16, 2019
edited

Hardened SHA1 is mostly backwards-compatible, so this shouldn't be much of an issue. (2^-90 probability of breaking compatibility with any given hash. you only have a handful on a torrent, it'll be fine.)
@ckerr
Copy link
Member

ckerr commented May 17, 2020

I guess my question is, it a torrent client switched to hardened SHA1, does that cause issues when communicating with other peers that aren't using it?

@SoniEx2
Copy link
Author

SoniEx2 commented May 17, 2020
edited

yes, with a very low probability. it's good enough tho. ideally they'd also switch, or there'd be a new protocol version that uses something better than SHA1.

@ckerr
Copy link
Member

ckerr commented Jan 26, 2022

I 100% agree with the usefulness of avoiding torrent hash collisions. Since the BitTorrent spec version 2 uses SHA2-256, and is the standard, IMO that is the right way of solving this problem.

The issue to track BitTorrent spec version 2 is #458

I'm closing this issue since 458 will be the fix, but I appreciate the suggestion. It's a good idea.

@ckerr ckerr closed this as completed Jan 26, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
closed:declined scope:core
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ckerr @SoniEx2