https, when available

[Imported from Trac: page NewCaps/WhatCouldGoWrong, version 58]

NewCaps/WhatCouldGoWrong.md

@@ -32,9 +32,9 @@ where *k* = bitlength(*K1*), *r* = bitlength(*R*), *s* = bitlength(*S*), *t* = b
 
 3. *undeletion*: attacker makes a deleted file (for which it need not have had a read cap) accessible at its previous storage index, and readable by previous read caps
 
-4. See the probability table at <http://en.wikipedia.org/wiki/Birthday_Attack> . The effective hash length is approximately min(*s*,*r*)+*t* bits.
+4. See the probability table at <https://en.wikipedia.org/wiki/Birthday_attack> . The effective hash length is approximately min(*s*,*r*)+*t* bits.
 
-5. On Merkle-Damgård hashes with an internal state that is the same size as the hash output (like SHA-256), there are better second-preimage attacks than brute force. See <http://www.schneier.com/paper-preimages.pdf> . The doubled "SHA-256d" construction used by Tahoe does not help here. This is not significant for roadblock/speedbump attacks because the internal state will be much larger than *t* bits, but it is significant for the other second-preimage attacks.
+5. On Merkle-Damgård hashes with an internal state that is the same size as the hash output (like SHA-256), there are better second-preimage attacks than brute force. See <https://www.schneier.com/paper-preimages.pdf> . The doubled "SHA-256d" construction used by Tahoe does not help here. This is not significant for roadblock/speedbump attacks because the internal state will be much larger than *t* bits, but it is significant for the other second-preimage attacks.
 
 6. *roadblock*/*speedbump* attacks could be restricted to holders of a read cap by use of an extra signature, as in the Elk Point 3 design (diagram at <http://jacaranda.org/tahoe/mutable-addonly-elkpoint-3.svg> for mutable files).