On Wed, 10 Sep 2003, Nick Tarleton wrote: > On Wednesday 10 September 2003 08:15 pm, Nick Tarleton wrote: > > On Wednesday 10 September 2003 05:26 pm, [EMAIL PROTECTED] wrote: > > > On Wed, 10 Sep 2003 13:53:49 -0700 > > > =?iso-8859-1?Q?J=E9r=F4me_ou_Sally_Bonnet?= > > > > > > <[EMAIL PROTECTED]> wrote: > > > >Is it possible to design a program that creates a file that matches > > > >a specific CHK, so that it would be possible to prevent users from > > > >accessing a specific file by injecting the colliding file in the > > > >network before the target file becomes too popular? > > > > > > Yes, it is possible. But it is computationally very hard. For any given > > > CHK there are an infinite number of files that yield that CHK after > > > insertion. The problem is finding one of them. > > > > To quibble, for files of a size of N bits, the number of files matching a > > given SHA1 hash is going to be around (2^N)/(2^160). A pretty large number, > > but a very tiny fraction of N. > > > > All right, I just had to show off my m47h skillz... > Hmm. This can't be right; at some point this would be greater than N. > No matter what, it'd be very hard to calculate a file for a given CHK, > especially given that the size of the file is also part of the key. > BTW, what prevents someone from lying about a CHK, because the data is > encrypted after hashing? Couldn't you insert 16K of NULLs and claim that > their CHK is that of a real site? I'm sure this was seen and stopped in some > way I don't understand; would anyone be so kind as to share that?
It's hashed post-encryption, and the node storing/passing the data can verify that the hash matches the (encrypted) data they see. It's just a routing key. The second half of the CHK is the decryption key (generated from the original contents). It's done this way so that the same file inserted in two places generates the same CHK. --Dan
pgp00000.pgp
Description: PGP signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
