Re: [tahoe-dev] a crypto puzzle about digital signatures and future compatibility

2009-09-04 Thread Zooko Wilcox-O'Hearn
On Thursday,2009-08-27, at 19:14 , James A. Donald wrote: Zooko Wilcox-O'Hearn wrote: Right, and if we add algorithm agility then this attack is possible even if both SHA-2 and SHA-3 are perfectly secure! Consider this variation of the scenario: Alice generates a filecap and gives it to

Re: [tahoe-dev] a crypto puzzle about digital signatures and future compatibility

2009-08-31 Thread James A. Donald
Zooko Wilcox-O'Hearn wrote: On Wednesday,2009-08-26, at 19:49 , Brian Warner wrote: Attack B is where Alice uploads a file, Bob gets the filecap and downloads it, Carol gets the same filecap and downloads it, and Carol desires to see the same file that Bob saw. ... The attackers (who may