From 0359fcb531c36e30fc1d32baa78e1849317db5de Mon Sep 17 00:00:00 2001
From: warner <>
Date: Fri, 28 Aug 2009 02:39:44 +0000
Subject: [PATCH] oops, HMAC(key=readcap) is insecure

[Imported from Trac: page NewMutableEncodingDesign, version 4]
---
 NewMutableEncodingDesign.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/NewMutableEncodingDesign.md b/NewMutableEncodingDesign.md
index 1216d26..b3d97dc 100644
--- a/NewMutableEncodingDesign.md
+++ b/NewMutableEncodingDesign.md
@@ -188,6 +188,11 @@ doesn't even change the way the existing caps are used:
 
 ## Shorter readcaps
 
+(oh, oops, ignore this part. HMACs using the readcap as key are vulnerable to
+manipulation by a collusion between Rose-the-readcap-holder and the storage
+servers, and could be used to cause another readcap-holder to see the wrong
+data. Nevermind.)
+
 To make the readcap shorter, we must give up something, like complete
 server-side validation and complete offline attenuation.