[messaging] Bounding hash 2d preimage bits (was Re:...Test Data)

Robert Ransom rransom.8774 at gmail.com
Wed Jul 23 12:55:13 PDT 2014


On 7/23/14, David Leon Gil <coruus at gmail.com> wrote:

> Robert: If your host name and IP address change frequently, just use your
> name, or your zip code, or a short, very easy-to-remember nonce. The
> requirement is not that it be as strong as a password; just something to
> de-genericize the attack. (You get rid of most of that 2^27 advantage with
> only 2^16 unique hostnames...)

I would rather just compare a whole 256-bit public key or public-key
hash than have to deal with something like the Windows 3.11 concept of
‘workgroup’ again.

> De-genericizing attacks using 'nonces' in this way does not allow
> avoiding memory accesses, with their huge latency.

???

How do you intend that the nonce be used?


Robert Ransom


More information about the Messaging mailing list