If I understand this correct, the node of the sender will have to compute a valid hash cash before actually sending the key? And receivers can easily check the hash cash and reject keys without a valid hash cash?
On Sat, Mar 1, 2008 at 6:33 PM, Michael Rogers <m.rogers at cs.ucl.ac.uk> wrote: > Michael Rogers wrote: > > the data must be > > accompanied by a string whose hash shares a b-bit prefix with the hash > > of the public part of the key. > > Sorry for replying to myself but I just spotted a problem: you could > build up a dictionary of strings for all b-bit prefixes and reuse them. > So instead of hash(string) matching hash(public_part) in the first b > bits, hash(xor(string,public_part)) should match hash(public_part) in > the first b bits. > > > > Cheers, > Michael > _______________________________________________ > Tech mailing list > Tech at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/tech > -- __________________________________________________ GnuPG key: (0x48DBFA8A) Keyserver: pgpkeys.pca.dfn.de Fingerprint: 477D F057 1BD4 1AE7 8A54 8679 6690 E2EC 48DB FA8A __________________________________________________
