Changes between Version 12 and Version 13 of NewMutableEncodingDesign


Ignore:
Timestamp:
2010-01-08T02:33:56Z (15 years ago)
Author:
davidsarah
Comment:

added cap examples for K=160, and link to argument about multi-target attacks

Legend:

Unmodified
Added
Removed
Modified

  • NewMutableEncodingDesign

    v12 v13  
    4747== Filecap Length ==
    4848
    49 A likely security parameter K (=kappa) would be 96 or 128 bits, and most of
    50 the filecaps will be some multiple of K.
     49A likely security parameter K (=kappa) would be 96, 128, or 160 bits, and most of
     50the filecaps will be some multiple of K. [96 bits is too short IMHO --David-Sarah]
    5151
    5252Assuming a {{{tahoe:}}} prefix and no additional metadata, here's what
     
    5656  * 96 {{{tahoe:14efs6T5YNim0vDVV}}}
    5757  * 128 {{{tahoe:4V2uIYVX0PcHu9fQrJ3GSH}}}
     58  * 160 {{{tahoe:8gdR7Epld72UvkF6Pe9hhT8NQx3}}}
    5859 * 2*K:
    5960  * 192 {{{tahoe:072Og6e75IOP9ZZsbR1Twjs6X5xXJnBAF}}}
    6061  * 256 {{{tahoe:fZeioazoWrO62reiAjzUAyV0uz3ssh6Hnanv8cKMClY}}}
     62  * 320 {{{tahoe:j6Re0BbWp7DqJtgd9fUXl4pWiD5kr1mjT9DtudJ72o0vhPen83Utza}}}
    6163 * 3*K:
    6264  * 288 {{{tahoe:11DriaxD9nipA10ueBvv5uoMoehvxgPerpQiXyvMPeiUUdtf6}}}
    6365  * 384 {{{tahoe:3a31SqUbf8fpWE1opRCT3coDhRqTU7bDU2AvC3RQJBu6ZNFhVscyxA9slYtPVT79x}}}
     66  * 480 {{{tahoe:P6rGeI6CwlG4i8W2l6haSoC9rfPjw0KHBi8xAk4F8vdhnRhL8nwE27CitJ9Rld06HuKt8VucypJRcbGFo}}}
    6467
    6568Adding 2 metadata characters and a clear separator gives us:
     
    6770 * 96: {{{tahoe:MW-14efs6T5YNim0vDVV}}}
    6871 * 128: {{{tahoe:DW-4V2uIYVX0PcHu9fQrJ3GSH}}}
     72 * 160: {{{tahoe:DW-8gdR7Epld72UvkF6Pe9hhT8NQx3}}}
    6973 * 192: {{{tahoe:MR-072Og6e75IOP9ZZsbR1Twjs6X5xXJnBAF}}}
    7074 * 256: {{{tahoe:DR-fZeioazoWrO62reiAjzUAyV0uz3ssh6Hnanv8cKMClY}}}
    7175 * 288: {{{tahoe:MR-11DriaxD9nipA10ueBvv5uoMoehvxgPerpQiXyvMPeiUUdtf6}}}
    72  * 384: {{{tahoe:MR-3a31SqUbf8fpWE1opRCT3coDhRqTU7bDU2AvC3RQJBu6ZNFhVscyxA9slYtPVT79x}}}
     76 * 320: {{{tahoe:MV-j6Re0BbWp7DqJtgd9fUXl4pWiD5kr1mjT9DtudJ72o0vhPen83Utza}}}
     77 * 384: {{{tahoe:DV-3a31SqUbf8fpWE1opRCT3coDhRqTU7bDU2AvC3RQJBu6ZNFhVscyxA9slYtPVT79x}}}
     78 * 480: {{{tahoe:MV-P6rGeI6CwlG4i8W2l6haSoC9rfPjw0KHBi8xAk4F8vdhnRhL8nwE27CitJ9Rld06HuKt8VucypJRcbGFo}}}
    7379
    7480[http://allmydata.org/trac/tahoe/ticket/217#comment:44 #217:c44] says that,
    7581if we don't need to prevent collisions, then we can use a K-bit hash for
    76 K-bit second-pre-image resistance.
     82K-bit second-pre-image resistance. However, see
     83[http://allmydata.org/trac/tahoe/ticket/882#comment:6 #882:c6] for a
     84counterargument saying that 50 extra bits or so are needed to be secure
     85against multi-target attacks.
    7786
    7887= Design Proposals =