resistance to attack !#7 depends on onewayness of hash

[Imported from Trac: page NewCaps/WhatCouldGoWrong, version 38]

NewCaps/WhatCouldGoWrong.md

@@ -10,7 +10,7 @@ This is about What Could Go Wrong with the "Elk Point 2" immutable file caps: <h
 |4|roadblock or speedbump [2]footnote|generate (*K1enc*,*Dhash*,*V*) that hash to someone else's *T*, and copy their *S*|anyone [6]footnote|any one file|the hash function's and cap format's second-preimage resistance on *T*|*p*/*N*.2^*t*^|
 |5|unauthorized read|attack the encryption of the plaintext with *K1*|anyone|any one file|the security of the encryption scheme used for the plaintext, and the secrecy of the encryption key *K1*. The latter also depends on the security and seeding of the RNG that generated it.|*p*.2^*k*^|
 |6|unauthorized read|figure out the input to the hash function that generates *S*|anyone|any one file|the hash function's onewayness for (*R*,*T*) -> *S*|brute force on *R* is !#2|
-|7|unauthorized deletion|brute force KD|anyone|any one file|secrecy of *KD*|*p*/*N*.2^*d*^|
+|7|unauthorized deletion|brute force KD|anyone|any one file|the hash function's onewayness for *KD* -> *Dhash* and the secrecy of *KD*|*p*/*N*.2^*d*^|
 |8|unauthorized deletion|figure out a working destroy key KD from Dhash|anyone|any one file|the hash function's preimage resistance on *Dhash*|*p*/*N*.2^min(*d*,*dh*)^|
 |9|denial of service|prevent access to servers holding sufficient shares (by controlling some of them, or by attacking them or the network)|anyone|any file|not prevented by crypto|not applicable|
 |10|cause invalid share to verify|generate (*K1enc*,*Dhash*,*V*) that hash to someone else's (*T*,*U*), and copy their *S*|anyone|any one file|the hash function's second-preimage resistance on (*T*,*U*)|*p*/*N*.2^*t*+*u*^ [5]footnote|