[Noisebridge-discuss] Anti-piracy / anti-Pirate Bay law currently in Congress [drama]
Sai
noisebridge at saizai.com
Tue Sep 28 21:24:31 UTC 2010
On Tue, Sep 28, 2010 at 4:17 PM, Moxie Marlinspike
<moxie at thoughtcrime.org> wrote:
> Without knowing the context of this construction, I'd guess that it's
> for preventing an extension attack. Using the hmac construction would
> be better, and I'd guess he confused this with hmac.
Could you explain? AFAICT extension attack is when you know
hash(cyphertext) and length(cyphertext) you can predict
hash(cat(cyphertext, padding)) for some special padding without
knowing the cyphertext.
But with a salted hash, you don't know the length. Doubling the salt
doesn't add any entropy - if anything, it reduces it by half, because
you'd know the padding is even, whereas it could otherwise be odd.
Am I missing something?
- Sai
More information about the Noisebridge-discuss
mailing list