David-Sarah Hopwood wrote: > I've designed a new version of the cap protocol I posted a few days > ago, that addresses Brian's comments about roadblock attacks. [...] > A conservative choice of parameters might be > > immutable: n = 128, t = 128, ell = 160, m = 160. > read caps 256 bits, verify caps 320 bits, read/verify 228 bits.
I meant: read/verify caps 288 bits. > 2^128 confidentiality and collision resistance; roadblock > attacks are effectively impossible. > > mutable: n = 128, t = 50, ell = 160, m = 160. > read caps 178 bits, verify caps 320 bits, read/verify 228 bits. Same here: read/verify caps 288 bits. > 2^128 confidentiality; collision resistance not relevant. > Resistance to roadblock attacks is sufficient provided > strategy 2 described below is used. -- David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
