On Thursday,2009-08-27, at 19:14 , James A. Donald wrote:
Zooko Wilcox-O'Hearn wrote:
Right, and if we add algorithm agility then this attack is
possible even if both SHA-2 and SHA-3 are perfectly secure!
Consider this variation of the scenario: Alice generates a
filecap and gives it to
Zooko Wilcox-O'Hearn wrote:
On Wednesday,2009-08-26, at 19:49 , Brian Warner wrote:
Attack B is where Alice uploads a file, Bob gets the filecap and
downloads it, Carol gets the same filecap and downloads it, and
Carol desires to see the same file that Bob saw. ... The attackers
(who may
Folks:
My brother Nathan Wilcox asked me in private mail about protocol
versioning issues. (He was inspired by this thread on
cryptography@metzdowd.com [1, 2, 3]). After rambling for a while
about my theories and experiences with such things, I remembered this
vexing