Changes between Version 1 and Version 2 of NewCaps/Rainhill
- Timestamp:
- 2011-03-05T01:40:09Z (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
NewCaps/Rainhill
v1 v2 1 1 This is about What Could Go Wrong with the "Rainhill 3" immutable file caps: http://jacaranda.org/tahoe/immutable-rainhill-3.svg 2 2 3 (http://jacaranda.org/tahoe/immutable-rainhill-3.png if your browser does not correctly handle SVG.) 3 4 … … 21 22 1. ''shape-shifter immutable file'': creator creates more than one file matching the immutable file readcap 22 23 23 2. See the probability table at http://en.wikipedia.org/wiki/Birthday_Attack . The effective hash length is approximately min(''s'',''r'')+''t'' bits.24 2. See the probability table at http://en.wikipedia.org/wiki/Birthday_Attack . The effective hash length is approximately ''r''+''t'' bits. 24 25 25 26 3. On Merkle-Damgård hashes with an internal state that is the same size as the hash output (like SHA-256), there are better second-preimage attacks than brute force. See http://www.schneier.com/paper-preimages.pdf . The doubled "SHA-256d" construction used by Tahoe does not help here. This is not significant for roadblock/speedbump attacks because the internal state will be much larger than ''t'' bits, but it is significant for the other second-preimage attacks.
