Zooko Wilcox-O'Hearn wrote:
> I've started a matrix of ways that an immutable file cap format could
> break: http://allmydata.org/trac/tahoe/wiki/NewCaps/WhatCouldGoWrong
[...]
> Also pay attention to the "what crypto property do we rely on"
> column. I wouldn't be surprised if SHA-256's collision-resistance is
> increasingly called into question in future years.
I agree, but note that you can only create colliding files once you know what attack to use -- unlike preimage attacks where you can target files that were created years ago. (This is of course no excuse for doing nothing to update many protocols and implementations until ten or more years after cracks start to appear, as happened with MD5.)

--
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
