Version 1 (modified by warner, at 2007-04-26T22:43:35Z) (diff)


Each place a hash function is used within Tahoe, the data to be hashed is first prepended with a distinct "tag", one per purpose.

These tags are encoded as a NetString?, to insure that they cannot be confused with the data being hashed. For example, the VerifierId is computed as the SHA-256 hash of the following string:

    "23:allmydata_verifierid_v1," + DATA

This technique is especially important to distinguish the leaf nodes from the internal nodes in a MerkleHashTree?, because otherwise an attacker can trivially construct leaf data that results in the same root hash as a previously constructed tree.