oops, HMAC(key=readcap) is insecure

[Imported from Trac: page NewMutableEncodingDesign, version 4]
2009-08-28 02:39:44 +00:00 · 2009-08-28 02:39:44 +00:00 · 0359fcb531
parent 19ebf92202
commit 0359fcb531
1 changed files with 5 additions and 0 deletions
--- a/NewMutableEncodingDesign.md
+++ b/NewMutableEncodingDesign.md
@ -188,6 +188,11 @@ doesn't even change the way the existing caps are used:

 ## Shorter readcaps

+(oh, oops, ignore this part. HMACs using the readcap as key are vulnerable to
+manipulation by a collusion between Rose-the-readcap-holder and the storage
+servers, and could be used to cause another readcap-holder to see the wrong
+data. Nevermind.)
+
 To make the readcap shorter, we must give up something, like complete
 server-side validation and complete offline attenuation.