Changes between Version 50 and Version 51 of NewCaps/WhatCouldGoWrong
 Timestamp:
 20091021T01:26:08Z (15 years ago)
Legend:
 Unmodified
 Added
 Removed
 Modified

NewCaps/WhatCouldGoWrong
v50 v51 9 9 3forgery of immutable filegenerate a matching readcap (''R'',''T'') for someone else's fileanyoneany one filethe hash function's and cap format's secondpreimage resistance on (''R'',''T''). This also depends on the encryption of ''K1'' being deterministic and correct, and on the suitability of hash_''r'' as a KDF.(''p''/''N'').2^''r''+''t''^ [footnotes 5,8] 10 10 4roadblock or speedbump [footnote 2]generate (''EncK1'',''Dhash'',''V'') that hash to someone else's ''T'', and copy their ''S''anyone [footnote 6]any one filethe hash function's and cap format's secondpreimage resistance on ''T''(''p''/''N'').2^''t''^ 11 5unauthorized readattack the encryption of the plaintext with ''K1''anyoneany one filethe security of the encryption scheme used for the plaintext, and the secrecy of the encryption key ''K1''. The latter also depends on the security and seeding of the RNG that generated it .''p''.2^''k''^11 5unauthorized readattack the encryption of the plaintext with ''K1''anyoneany one filethe security of the encryption scheme used for the plaintext, and the secrecy of the encryption key ''K1''. The latter also depends on the security and seeding of the RNG that generated it, and the onewayness of hash_''r''.''p''.2^''k''^ 12 12 6unauthorized readfigure out the input to the hash function that generates ''S''anyoneany one filethe hash function's onewayness for (''R'',''T'') > ''S''brute force on ''R'' is !#2 13 13 7unauthorized deletionfigure out a working destroykey ''KD'' for a given ''Dhash''anyoneany one filethe hash function's preimage resistance on ''Dhash'' and the secrecy of ''KD''(''p''/''N'').2^min(''d'',''dh'')^