Linus made an interesting observation last week, after it was announced that collisions could be found for the SHA1 hash algorithm. The “Shattered” page declares that everything is broken, from cryptographic signatures to backup systems and git. Linus, however, refutes this, noting that the use of SHA1 in git is not for security, but rather as an identifier for the commit.

In fact, as is pointed out in the comments section of Linus’ post, git could probably have gone with a 160-bit CRC function (SHA1 digests are 160 bits). Or, if there were no need to relate the ID directly to the submitted code, a UUID would also have been fine.

The point is, security does not exist for itself, but rather as a reaction to, or mitigation of, a threat. If the threat is cosmic rays or disk corruption, assuming no other intentional attack, and all that is required is to detect when there is a bit-flip, then CRC, MD5 and SHA1 are all fine alternatives. However, for dealing with encrypted messages, keys and signatures, other algorithms are needed. As for git, the biggest threat there is not bit-flips, accidental or malicious. Rather, it is the incorrect behaviour and functioning of the code in the repository. And for that, the solution is not hash functions, but unit tests. As Linus points out, you will definitely notice if characters and code are flipped around.
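To make the identifier and bit-flip points concrete, the following added example (not code from the original post or from git itself) computes the ID git assigns to a blob and then flips every single bit of a constructed sample file in turn, counting how often CRC32, MD5 and the git SHA1 ID fail to notice. The function names and the sample content are assumptions made for illustration; the test covers accidental single-bit corruption only and says nothing about deliberately constructed inputs.

```python
import hashlib
import zlib


def git_object_id(obj_type: str, content: bytes) -> str:
    """ID git assigns to an object: SHA-1 over '<type> <size>\\0' + content."""
    header = f"{obj_type} {len(content)}".encode() + b"\x00"
    return hashlib.sha1(header + content).hexdigest()


def checksums(data: bytes) -> dict:
    """The three detectors the post names, applied to the same bytes."""
    return {
        "crc32": format(zlib.crc32(data), "08x"),
        "md5": hashlib.md5(data).hexdigest(),
        "git-sha1": git_object_id("blob", data),
    }


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate accidental corruption by inverting exactly one bit."""
    corrupted = bytearray(data)
    corrupted[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(corrupted)


def undetected_flips(data: bytes) -> dict:
    """Try every possible single-bit flip and count, per checksum,
    how many flips leave the checksum unchanged (corruption missed)."""
    reference = checksums(data)
    missed = {name: 0 for name in reference}
    for bit in range(len(data) * 8):
        damaged = checksums(flip_bit(data, bit))
        for name in reference:
            if damaged[name] == reference[name]:
                missed[name] += 1
    return missed


# Constructed sample file content (an assumption, not from the post).
SAMPLE = b"int main(void) { return 0; }\n"

if __name__ == "__main__":
    print("blob id:", git_object_id("blob", SAMPLE))
    print("undetected single-bit flips:", undetected_flips(SAMPLE))
```

The blob ID printed here matches what `git hash-object` reports for a file with the same bytes, since the ID depends only on the object type, length and content.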