oops, HMAC(key=readcap) is insecure
[Imported from Trac: page NewMutableEncodingDesign, version 4]
parent
19ebf92202
commit
0359fcb531
|
@ -188,6 +188,11 @@ doesn't even change the way the existing caps are used:
|
||||||
|
|
||||||
## Shorter readcaps
|
## Shorter readcaps
|
||||||
|
|
||||||
|
(oh, oops, ignore this part. HMACs using the readcap as key are vulnerable to
|
||||||
|
manipulation by a collusion between Rose-the-readcap-holder and the storage
|
||||||
|
servers, and could be used to cause another readcap-holder to see the wrong
|
||||||
|
data. Nevermind.)
|
||||||
|
|
||||||
To make the readcap shorter, we must give up something, like complete
|
To make the readcap shorter, we must give up something, like complete
|
||||||
server-side validation and complete offline attenuation.
|
server-side validation and complete offline attenuation.
|
||||||
|
|
||||||
|
|
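Review bot: The added parenthetical under "## Shorter readcaps" says "ignore this part" without saying how far "this part" extends, and the unchanged paragraph right after it ("To make the readcap shorter, we must give up something...") still reads as a live design. Say explicitly which text is withdrawn, for example "the rest of this section is withdrawn", or delete the retracted text, so that a reader who skims past the note does not take up the HMAC-keyed-by-readcap scheme. It would also help to state the reason as a general rule rather than only as the Rose scenario: an HMAC whose key is the readcap can be recomputed by anyone who holds the readcap, so it gives other readcap-holders no integrity protection against a holder who cooperates with the storage servers.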