Hello, Dave.

If we want to have any kind of confidence that the hash is really unbreakable,
we should make it not just longer than 160 bits, we should make sure that it's
two or more hashes, and that they are based on totally different principles.

And we should all digitally sign every single object too, and we should use
4096-bit PGP keys and unguessable passphrases that are at least 20 words in
length. And we should then build a bunker 5 miles underground, encased in
lead, so that somebody cannot flip a few bits with a ray-gun, and make us
believe that the sha1's match when they don't. Oh, and we need to all wear
aluminum propeller beanies to make sure that they don't use that ray-gun to
make us do the modification _ourselves_.

    -- Linus Torvalds
    -- Message to the git mailing list ( http://lwn.net/Articles/132513/ )