[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnumed-devel] GNotary
From: |
Karsten Hilbert |
Subject: |
Re: [Gnumed-devel] GNotary |
Date: |
Tue, 30 Aug 2005 19:20:30 +0200 |
User-agent: |
Mutt/1.5.9i |
On Tue, Aug 30, 2005 at 08:23:30AM +0800, Syan Tan wrote:
> Hashing the logs and publishing it in a paper seems to be a good idea.
... suggested by none other than Bruce Schneier, certainly
someone with a clue.
> At a
> document level, if the document was a program and
> the program was obfuscatable, and the hash was md5 , then you could do the
> 2-documents-in-1-with-switching-on-the-identically-hashing-appended-block
> attack.
I cannot follow that. If you are referring to collisions in
a hash - yes, that's a risk. So you better use strong (for
now) hashes and several hashes of different kinds at the
same time. Again, as suggested by Bruce Schneier.
Assuming one hash getting "broken" - eg an attack being
found using which one can produce collisions as needed -
immediately hash your entire back-log of hashes with the
strongest hash available *then* and have that re-gnotarized.
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346