Search:
Login
Help/Guide
About Trac
Preferences
Wiki
Timeline
Roadmap
Browse Source
View Tickets
GitHub Project
Context Navigation
Back to NewCaps/WhatCouldGoWrong
Change History for
NewCaps/WhatCouldGoWrong
Version
Date
Author
Comment
59
2013-05-23T18:04:34Z
daira
my name
58
2013-01-14T02:27:59Z
zooko
https, when available
57
2013-01-14T02:16:26Z
zooko
fix links
56
2011-02-22T05:27:49Z
davidsarah
take into account multi-target attacks against encryption
55
2010-01-05T01:16:33Z
davidsarah
footnote about parallel brute-force and multiple-key attacks
54
2009-11-21T20:35:07Z
davidsarah
cost of brute-force multi-target preimage attacks can't be reduced to …
53
2009-10-21T01:30:03Z
davidsarah
unlink #2
52
2009-10-21T01:29:34Z
davidsarah
actually #3 does *not* depend on one-wayness of hash_r because R has …
51
2009-10-21T01:26:08Z
davidsarah
#5
depends on one-wayness of hash_r
50
2009-10-21T00:57:57Z
davidsarah
italics, K1enc -> EncK1
49
2009-10-21T00:54:23Z
davidsarah
to prevent some attacks, hash_r must be a suitable KDF (sort-of …
48
2009-10-21T00:38:21Z
davidsarah
image link didn't work with .svg (at least in Firefox). Works with .png
47
2009-10-19T23:50:34Z
zooko
add image of elk point 2 at top of page
46
2009-10-15T05:04:33Z
davidsarah
add URL for post about multicollision attacks
45
2009-10-15T04:40:28Z
davidsarah
multicollision attacks
44
2009-10-11T20:06:57Z
davidsarah
set URLs back to fixed versions on jacaranda.org
43
2009-10-11T17:29:52Z
davidsarah
cleanup
42
2009-10-11T17:28:55Z
davidsarah
parenthesize p/N to avoid possible misreading
41
2009-10-11T16:57:11Z
davidsarah
correct formula for cost of collision attack #1
40
2009-10-11T16:17:10Z
davidsarah
cost of attack #12 is not relevant because attack #3 is strictly better
39
2009-10-11T16:14:05Z
davidsarah
#7 and #8 are really the same attack; merge and renumber
38
2009-10-11T16:09:55Z
davidsarah
resistance to attack #7 depends on onewayness of hash
37
2009-10-11T16:05:58Z
davidsarah
footnote 5 no longer applicable; remove and renumber
36
2009-10-11T16:00:59Z
davidsarah
fix formatting of superscripts; expand n/a
35
2009-10-11T15:52:09Z
davidsarah
generalize attack costs for low-success-probability and multi-target …
34
2009-10-11T15:30:38Z
davidsarah
SHA-256d does not help for attacks in footnote 7
33
2009-10-11T15:21:31Z
davidsarah
footnote 7 applies to SHA-256
32
2009-10-11T15:18:38Z
davidsarah
31
2009-10-11T15:17:43Z
davidsarah
note attacks better than brute-force on Merkle-Damgård hashes
30
2009-10-11T14:00:05Z
davidsarah
correction to effective hash length for accidental collisions
29
2009-10-11T04:04:03Z
zooko
link to my version of the diagram where I changed
n
to
r
28
2009-10-11T03:47:59Z
davidsarah
go back to using r = bitlength(R)
27
2009-10-11T03:41:56Z
davidsarah
KD in #8 need not be the original KD
26
2009-10-11T03:39:35Z
davidsarah
move URL relevant to footnote 2
25
2009-10-11T03:34:38Z
davidsarah
add footnote 6
24
2009-10-11T03:29:24Z
davidsarah
s = bitlength(S)
23
2009-10-11T03:24:43Z
davidsarah
typo
22
2009-10-11T02:49:28Z
davidsarah
clarification to #6
21
2009-10-11T02:48:50Z
davidsarah
20
2009-10-11T02:39:50Z
davidsarah
attack #6 depends on onewayness, not preimage resistance
19
2009-10-11T02:29:52Z
davidsarah
pre-image -> preimage
18
2009-10-11T02:27:40Z
davidsarah
attack #4 depends on second-preimage resistance, not collision resistance
17
2009-10-11T02:24:24Z
davidsarah
cost of attack #2
16
2009-10-11T02:20:50Z
davidsarah
hash length for accidental collisions
15
2009-10-11T02:17:11Z
davidsarah
security and seeding of RNG that generated K1
14
2009-10-11T02:14:36Z
davidsarah
K1 and plaintext might be encrypted by different enc. schemes
13
2009-10-11T02:07:43Z
davidsarah
cost of
#8
12
2009-10-11T01:54:32Z
davidsarah
accidental collision; footnote 5
11
2009-10-11T01:42:07Z
davidsarah
can deny service by attacking the network
10
2009-10-11T01:36:32Z
davidsarah
9
2009-10-11T01:35:12Z
davidsarah
formatting
8
2009-10-11T01:34:51Z
davidsarah
fix undeletion attacks
7
2009-10-11T01:18:11Z
davidsarah
add attack on verify cap
6
2009-10-11T01:01:22Z
davidsarah
add denial-of-service
5
2009-10-11T00:50:00Z
davidsarah
r -> n (r would have been more consistent, but n is what the diagram uses)
4
2009-10-11T00:45:20Z
davidsarah
3
2009-10-11T00:43:08Z
davidsarah
fix typos and some variable names
2
2009-10-10T21:58:19Z
zooko
whee more attacks
1
2009-10-10T20:52:21Z
zooko
What Could Go Wrong