Changes between Version 2 and Version 3 of NewCaps/Rainhill

Timestamp:

2011-03-05T01:41:23Z (14 years ago)

Author:

davidsarah

Comment:

use of undefined N

NewCaps/Rainhill

@@ -9 +9 @@
 ||2||unauthorized read||attack the encryption of ''K_R'' with ''R''||anyone||any one file||the security of the PRP, the secrecy of the read-key ''R'', and the suitability of hash_''r'' as a KDF.||''p''.2^min(''r'',''k'')^ / ''m''||
 ||3||forgery of immutable file||generate a matching read-cap (''R'',''T'') for someone else's file||anyone||any one file||the hash function's and cap format's second-preimage resistance on (''R'',''T''). This also depends on the hashes and PRP being correctly implemented, and on the suitability of hash_''k'' and hash_''r'' as a KDF.||''p''.2^''r''+''t''^ / ''m'' [footnotes 3,5]||
-||4||unauthorized read||attack the encryption of the plaintext with ''K1''||anyone||any one file||the security of the encryption scheme used for the plaintext, and the secrecy of the encryption key ''K1''. The latter also depends on the security and seeding of the RNG that generated it, and on resistance to attack !#2.||(''p''/''N'').2^''k''^||
+||4||unauthorized read||attack the encryption of the plaintext with ''K1''||anyone||any one file||the security of the encryption scheme used for the plaintext, and the secrecy of the encryption key ''K1''. The latter also depends on the security and seeding of the RNG that generated it, and on resistance to attack !#2.||''p''.2^''k''^ / ''m''||
 ||5||unauthorized read||figure out the input to the hash function that generates ''S'' and/or ''V''||anyone||any one file||the hash function's onewayness for ''R'' -> ''V'' or ''V'' -> ''S''||brute force on ''R'' is !#2||
 ||6||accidental collision||storage indices (''S1'',''T1'') and (''S2'',''T2'') collide accidentally||not applicable||any two files||approximately random distribution of hash function outputs||[footnote 2]||