On Apr 28, 2008, at 1:55 PM, Jack Lloyd wrote: > On Mon, Apr 28, 2008 at 01:33:39PM -0700, Jim McCoy wrote: > >> First "problem" here is that you have lost the "crypto" properties of >> the hash and security has dropped to the level of whatever OPHF() >> provides. > > Could you explain how one would find a collision or pre-image of the > construction I described?
If OPHF() leaks information (which is is bound to do if you really think about what is required to preserve order among inputs) then I will ignore the SHAXXX you concatenated to the end and just go after the order-preserving hash. The very features of the hash which allow it to preserve ordering also mean that it is unsuitable for those tasks which require cryptographic security. OTOH, few, if any, DHT designs require cryptographic security. [Perhaps I am just misunderstanding your construction, but MD4(x) || SHA-256(x) is only as strong as MD4, not stronger than SHA-256 alone...] jim _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers