[messaging] Bounding hash 2d preimage bits (was Re:...Test Data)

Trevor Perrin trevp at trevp.net
Wed Jul 23 23:40:44 PDT 2014


On Wed, Jul 23, 2014 at 12:55 PM, Robert Ransom <rransom.8774 at gmail.com> wrote:
> On 7/23/14, David Leon Gil <coruus at gmail.com> wrote:
>
>> Robert: If your host name and IP address change frequently, just use your
>> name, or your zip code, or a short, very easy-to-remember nonce. The
>> requirement is not that it be as strong as a password; just something to
>> de-genericize the attack. (You get rid of most of that 2^27 advantage with
>> only 2^16 unique hostnames...)
>
> I would rather just compare a whole 256-bit public key or public-key
> hash than have to deal with something like the Windows 3.11 concept of
> ‘workgroup’ again.

That's reasonable, particularly if you want to encrypt to someone
without being able to retrieve their key via a handshake or keyserver.

MiniLock is a recent project that does that:

http://minilock.io/


Trevor


More information about the Messaging mailing list