Why did Git and Mercurial use SHA1

Question

Both Git and Mercurial use SHA1 extensively throughout the application.

Why was SHA1 chosen rather then another Cryptographic hash function?

Both Git and mercurial are both 10 years old. What alternatives would be better suited now?

Also related: http://stackoverflow.com/questions/28792784/why-does-git-use-a-cryptographic-hash-function — jub0bs, Jun 24 '15 at 08:34
It is not a duplicate of the proposed question as that asks why a hash was chosen, not why *that* hash was chosen. The answers to that question details why a cryptographic hash is a good idea in a distributed world but does not touch upon why SHA1 was chosen instead of some other hash function. — Lasse V. Karlsen, Jun 24 '15 at 08:45
@LasseV.Karlsen I did mention in http://stackoverflow.com/a/28792805/6309 "A lot of people assume since git uses SHA-1 and SHA-1 is used for cryptographically secure stuff, they think that it's a huge security feature. It has nothing at all to do with security, it's just the best hash you can get." — VonC, Jun 24 '15 at 09:04
Yes, that one is a good duplicate, but not the one that Jubobs has selected and voted to close with. — Lasse V. Karlsen, Jun 24 '15 at 09:05
Please, un-mark this as duplicate - the context here is a bit different with the 2 suggested duplicates. This author's is not challenging the necessity for a cryptographic function but the *specific` `SHA1` algorithm selected. True, the answers on the other questions are providing somke clues, but only partially. — ankostis, Oct 19 '16 at 14:46
This question does not only ask for Git but also for Mercurial. — Arne Babenhauserheide, Feb 23 '17 at 17:51
SHA-1 wasn't broken for how Git and Mercurial use hashes. ( https://www.mercurial-scm.org/wiki/mpm/SHA1 ) In short, the Google collision isn't even close to the weakest link in the chain for version control systems. Subversion has a bug fix to make, but that's different; related, but different. — Granger, Feb 27 '17 at 18:37

Why did Git and Mercurial use SHA1

0 Answers0