1. 39

  2. 3

    Using 160 bits from another hash function is silly, but his point that the size of the commit is hashed as well does help and it does sound like it would mitigate this collision attack.

    The PDF attack demonstrated wasn’t a preimage attack, was it? If it wasn’t, we have a lot less to be concerned about. Making two arbitrary pieces of data collide in a hash function is one thing, but finding another piece of data which hashes to a particular hash is different and more difficult.

    1. [Comment removed by author]

      1. 2

        You do sound like a dick because I wasn’t defending SHA1 and you are making assumptions about people and their expertise levels.

        You should relax, this isn’t HN, we have conversations here without attacking each other.

      2. 5

        Using 160 bits from another hash function is silly

        Note also his own followup.