On Wednesday 29 October 2003 05:48 pm, Toad wrote: > On Wed, Oct 29, 2003 at 04:56:05PM -0600, Tom Kaitchuck wrote: > > WAIT. I've got it! Add another level of hashing. So the content is > > encrypted with it's hash, and it is stored in the hash of the hash of the > > hash, and attached to the request is the hash of the hash. This way they > > the attack is impossible to target. They would have to go through hashing > > values until they found ones that falls in the aria they are trying to > > attack. To make this more CPU intensive we could use a different hash > > algorithm, one with enough bit depth that trying to create even a limited > > lookup table based on it would be very impractical. This would break > > network compatability and require total datastore reset, so lets > > throughly discuss this and/or other solutions before implementing it. > > It's a nice idea but they could easily brute force the first few bytes.
Is there some way to make a hash like function that is trivial to verify, but hard to generate? Maybe something like: index under the 3rd hash and include the second hash as well as the next greater value who's last X bits match the last X bits of the third hash. ( then set some bound of how close that number has to be to the original hash.) Anyone have a better algorithm? Anyways then to brute force 2 bits it would take nearly 2^16th times as long as whatever is deemed an acceptable delay on a normal computer. _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
