correction to effective hash length for accidental collisions

[Imported from Trac: page NewCaps/WhatCouldGoWrong, version 30]
2009-10-11 14:00:05 +00:00 · 2009-10-11 14:00:05 +00:00 · e421f28321
parent 8a8d4eda26
commit e421f28321
1 changed files with 1 additions and 1 deletions
--- a/NewCaps/WhatCouldGoWrong.md
+++ b/NewCaps/WhatCouldGoWrong.md
@ -29,7 +29,7 @@ where *k* = bitlength(*K1*), *r* = bitlength(*R*), *s* = bitlength(*S*), *t* = b

 3. *undeletion*: attacker makes a deleted file (for which it need not have had a read cap) accessible at its previous storage index, and readable by previous read caps

-4. See the probability table at <http://en.wikipedia.org/wiki/Birthday_Paradox> , for hash length *s*+*t*.
+4. See the probability table at <http://en.wikipedia.org/wiki/Birthday_Paradox> . The effective hash length is approximately min(*s*,*r*)+*t* bits.

 5. Brute force costs assume a single-target attack that is expected to succeed with high probability. Costs will be lower for attacking multiple targets or for a lower success probability. (Should we give explicit formulae for this?)