[tahoe-dev] "Elk Point" design for mutable, add-only, and immutable files

David-Sarah Hopwood david-sarah at jacaranda.org
Mon Oct 12 04:23:13 UTC 2009

Zooko Wilcox-O'Hearn wrote:
> I've started a matrix of ways that an immutable file cap format could  
> break: http://allmydata.org/trac/tahoe/wiki/NewCaps/WhatCouldGoWrong
> Also pay attention to the "what crypto property do we rely on"  
> column.  I wouldn't be surprised if SHA-256's collision-resistance is  
> increasingly called into question in future years.

I agree, but note that you can only create colliding files once you
know what attack to use -- unlike preimage attacks where you can target
files that were created years ago.

(This is of course no excuse for doing nothing to update many protocols
and implementations until ten or more years after cracks start to appear,
as happened with MD5.)

David-Sarah Hopwood  ⚥  http://davidsarah.livejournal.com

More information about the tahoe-dev mailing list