On Wed, Oct 29, 2003 at 07:34:08PM -0600, Tom Kaitchuck wrote: > On Wednesday 29 October 2003 05:48 pm, Toad wrote: > > On Wed, Oct 29, 2003 at 04:56:05PM -0600, Tom Kaitchuck wrote: > > > WAIT. I've got it! Add another level of hashing. So the content is > > > encrypted with it's hash, and it is stored in the hash of the hash of the > > > hash, and attached to the request is the hash of the hash. This way they > > > the attack is impossible to target. They would have to go through hashing > > > values until they found ones that falls in the aria they are trying to > > > attack. To make this more CPU intensive we could use a different hash > > > algorithm, one with enough bit depth that trying to create even a limited > > > lookup table based on it would be very impractical. This would break > > > network compatability and require total datastore reset, so lets > > > throughly discuss this and/or other solutions before implementing it. > > > > It's a nice idea but they could easily brute force the first few bytes. > > Is there some way to make a hash like function that is trivial to verify, but > hard to generate? Maybe something like: index under the 3rd hash and include > the second hash as well as the next greater value who's last X bits match the > last X bits of the third hash. ( then set some bound of how close that number > has to be to the original hash.) Anyone have a better algorithm?
Yeah, it's called hash cash - but it'd slow down requests... > > Anyways then to brute force 2 bits it would take nearly 2^16th times as long > as whatever is deemed an acceptable delay on a normal computer. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl