Changes between Version 3 and Version 4 of NewMutableEncodingDesign


Ignore:
Timestamp:
2009-08-28T02:39:44Z (15 years ago)
Author:
warner
Comment:

oops, HMAC(key=readcap) is insecure

Legend:

Unmodified
Added
Removed
Modified

  • NewMutableEncodingDesign

    v3 v4  
    189189== Shorter readcaps ==
    190190
     191(oh, oops, ignore this part. HMACs using the readcap as key are vulnerable to
     192manipulation by a collusion between Rose-the-readcap-holder and the storage
     193servers, and could be used to cause another readcap-holder to see the wrong
     194data. Nevermind.)
     195
    191196To make the readcap shorter, we must give up something, like complete
    192197server-side validation and complete offline attenuation.