| commit | bd0685765dd84550ea0c71c230d8d18c739d8b34 | |
| author | Nick Mathewson <nickm@torproject.org> | |
| Wed, 23 Sep 2009 15:45:54 +0000 (23 11:45 -0400) | ||
| committer | Nick Mathewson <nickm@torproject.org> | |
| Thu, 15 Oct 2009 19:17:13 +0000 (15 15:17 -0400) | ||
| tree | 7d2de73499f296586b73df44f0031d4a049fb590 | treesnapshot (tar.gz zip) |
| parent | 275900768aaaa3fbeb7d646b2fe196b7ae4a4a50 | commitdiff |
Revise proposal 162: SHA256(x), not SHA256(SHA256(x))
The point of doing SHA256 twice is, generally, is to prevent message
extension attacks where an attacker who knows H(A) can calculate
H(A|B). But for attaching a signature to a document, the attacker
already _knows_ A, so trying to keep them from calculating H(A|B) is
pointless.
The point of doing SHA256 twice is, generally, is to prevent message
extension attacks where an attacker who knows H(A) can calculate
H(A|B). But for attaching a signature to a document, the attacker
already _knows_ A, so trying to keep them from calculating H(A|B) is
pointless.
| proposals/162-consensus-flavors.txt | diffblobblamehistory |