How to protect Bitbucket Server from potential SHA-1 collision attack
Recent news reports about the breaking of the SHA-1 cryptographic hashing algorithm have a direct impact on Atlassian users, specifically users of Bitbucket. Git-based version control systems such as Bitbucket rely heavily on SHA-1 for identification and integrity checking when files are committed. It's a serious problem. Our ScriptRunner for Bitbucket team have put together this fix for Bitbucket Server admins.
What is SHA-1 and what's the problem?
Although it is in the process of being superseded, the SHA-1 algorithm is at the heart of a large amount of authentication online, in digital certificates for websites and in software. It produces a 160-bit hash value that, theoretically, should be unique for each and every file created.
However, researchers using a serious amount of computing power and a technique known as SHAttered have demonstrated that two different PDFs can have the same hash value. This is known as a collision attack, and it's something that shouldn't happen. SHA-1 is used to confirm the integrity of files when users submit documents, protecting against forged documents. It's also used to authenticate commits in code repositories. If two different documents can be created with the same hash, then an attacker could serve a compromised file (or repository) to users.
The Git version-control system relies heavily on SHA-1 for the identification and integrity checking of all file objects and commits. Bitbucket Server (and every other hosted Git-based version-control solution) relies on it in turn. That means the problem affects anyone developing software using Bitbucket or Git.
What's the solution?
The solution involves implementing a custom pre-receive hook in Bitbucket Server using ScriptRunner for Bitbucket Server. It leverages a C program developed by Marc Stevens (CWI) and Dan Shumow (Microsoft) that is publicly available on GitHub.
The program checks for a cryptanalytic collision attack on SHA-1. It is based on the concept of counter-cryptanalysis and is able to detect known and unknown SHA-1 cryptanalytic collision attacks given just a single file from a colliding file pair. ScriptRunner for Bitbucket Server then uses the pre-receive hook to detect whether the commits being pushed to Bitbucket Server contain file changes that indicate a cryptanalytic collision attack on SHA-1. If the pushed changes contain such files, the push is rejected.
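As an added illustration (not the Groovy script the post links to, and not using ScriptRunner's API), here is the same check written as a plain git pre-receive hook in Python: it lists the blobs a push introduces, runs the collision detector over each one, and rejects the push if any is flagged. It assumes that the detector binary is installed as sha1dcsum on PATH after make install and that it marks a flagged file with '*coll*' on its output line; both are assumptions about the tool, not details from the post.

```python
"""Plain git pre-receive hook (added example, not the post's ScriptRunner Groovy hook):
reject a push when sha1dcsum flags a SHA-1 collision block in any blob it introduces.
Assumed: sha1dcsum is on PATH after `make install` and marks hits with '*coll*'."""
import subprocess
import sys
import tempfile

ZERO_OID = "0" * 40

def parse_ref_updates(stdin_text):
    """pre-receive stdin: one 'oldrev newrev refname' line per updated ref."""
    return [tuple(p) for p in map(str.split, stdin_text.splitlines()) if len(p) == 3]

def parse_diff_tree_raw(raw_text):
    """(path, blob_oid) for added/modified entries of `git diff-tree --raw --no-abbrev`."""
    blobs = []
    for line in raw_text.splitlines():
        meta, _, path = line.partition("\t")
        f = meta.split()  # :srcmode dstmode srcoid dstoid status
        if len(f) == 5 and f[1] != "160000" and f[3].strip("0"):
            blobs.append((path, f[3]))  # skips deletions and submodule pointers
    return blobs

def sha1dcsum_flags_collision(output):
    """sha1dcsum prints '<hash> *coll* <file>' when counter-cryptanalysis trips."""
    return any("*coll*" in line for line in output.splitlines())

def scan_push(stdin_text, run=subprocess.check_output):
    """Return the (path, oid) pairs that tripped the detector; `run` is injectable."""
    hits = []
    for _old, new, _ref in parse_ref_updates(stdin_text):
        if new == ZERO_OID:  # ref deletion introduces no blobs
            continue
        # commits not yet reachable from any existing ref are what this push adds
        for commit in run(["git", "rev-list", new, "--not", "--all"]).decode().split():
            raw = run(["git", "diff-tree", "-r", "--root", "--no-commit-id",
                       "--raw", "--no-abbrev", commit]).decode()
            for path, oid in parse_diff_tree_raw(raw):
                with tempfile.NamedTemporaryFile() as tmp:  # materialise the blob
                    tmp.write(run(["git", "cat-file", "blob", oid]))
                    tmp.flush()
                    report = run(["sha1dcsum", tmp.name]).decode(errors="replace")
                if sha1dcsum_flags_collision(report):
                    hits.append((path, oid))
    return hits

if __name__ == "__main__":
    found = scan_push(sys.stdin.read())
    for path, oid in found:
        sys.stderr.write(f"rejected: {path} ({oid}) carries a SHA-1 collision block\n")
    sys.exit(1 if found else 0)
```

Install it as hooks/pre-receive in the bare repository on the server; a non-zero exit rejects the whole push, which is the same outcome the ScriptRunner hook produces.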
How to install the collision detector program
You should first download the program from here.
Place the folder containing the program on the server Bitbucket is hosted on or, in the case of Data Center, on every node. Then, in that folder, run make install. This installs the SHA-1 collision detector on the server; repeat it on every node if you are using Data Center.
How to install the pre-receive hook in Bitbucket Server
Next you need to configure the custom pre-receive hook below in ScriptRunner for Bitbucket Server (click here to download it from the Atlassian Marketplace; a 30-day free trial is available).
Go to Admin -> ScriptRunner -> Script Pre Hooks -> Custom Script Hook
There is documentation about pre-receive hooks in ScriptRunner for Bitbucket Server here.
Copy and paste the code contained in this Groovy script into the inline script and select the repositories you want to apply the detector to. See the image below for what this should look like. Then click Update to save it.
Now, try adding and committing a file that contains a SHA-1 collision attack, such as this one here, into one of those repositories. The hook will block the push with the message shown in the attached image, because the push contains a file carrying the SHA-1 collision attack.
If you have any questions about using this fix with ScriptRunner for Bitbucket Server, use the Product Portal. To try ScriptRunner for Bitbucket Server, go to the Atlassian Marketplace.