1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <pete@petertodd.org>) id 1WAiUO-0001fa-CP
for bitcoin-development@lists.sourceforge.net;
Tue, 04 Feb 2014 16:04:44 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org
designates 62.13.149.56 as permitted sender)
client-ip=62.13.149.56; envelope-from=pete@petertodd.org;
helo=outmail149056.authsmtp.com;
Received: from outmail149056.authsmtp.com ([62.13.149.56])
by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
id 1WAiUM-0007kC-5P for bitcoin-development@lists.sourceforge.net;
Tue, 04 Feb 2014 16:04:44 +0000
Received: from mail-c237.authsmtp.com (mail-c237.authsmtp.com [62.13.128.237])
by punt17.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s14G4ZFc042738;
Tue, 4 Feb 2014 16:04:35 GMT
Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109])
(authenticated bits=128)
by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s14G4QQo085569
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
Tue, 4 Feb 2014 16:04:29 GMT
Date: Tue, 4 Feb 2014 11:04:14 -0500
From: Peter Todd <pete@petertodd.org>
To: Natanael <natanael.l@gmail.com>
Message-ID: <20140204160414.GA23803@savin>
References: <1D8E0828-D07F-46EF-9F9F-5CA83AA9DB59@plan99.net>
<20140204130312.GA23538@savin>
<CANEZrP2NyvRKwSEZORjAOq6G7UqLv=F3FjxmGNTPMT10yWGxzw@mail.gmail.com>
<20140204131723.GA10309@savin>
<CAAt2M1-LZ1APX9F93WE7Z877-WxqvJFbGaUmu5eriRGwvAOESw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="BXVAT5kNtrzKuDFl"
Content-Disposition: inline
In-Reply-To: <CAAt2M1-LZ1APX9F93WE7Z877-WxqvJFbGaUmu5eriRGwvAOESw@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: 07623c9e-8db6-11e3-94fa-002590a135d3
X-AuthReport-Spam: If SPAM / abuse - report it at:
http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
aQdMdgYUHlAWAgsB AmIbWlJeUFl7W2o7 bAxPbAVDY01GQQRq
WVdMSlVNFUsrABh2 An9/DRl6cgBAcTBx ZUVhWD5bW0J4dhV0
F1NcQT8AeGZhPWMC WUQOJh5UcAFPdx8U a1N6AHBDAzANdhES
HhM4ODE3eDlSNilR RRkIIFQOdA4BHyI3 QBEEH313WxRcDz8+
KxEvMVMQWA4OM1ky eUN7QlJcexUTElYP fQlEBiMRP1AQQict
EUtCR0kCFzZaRW9H HwUwJQVUagAA
X-Authentic-SMTP: 61633532353630.1024:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 76.10.178.109/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_PASS SPF: sender matches SPF record
X-Headers-End: 1WAiUM-0007kC-5P
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] bitcoinj 0.11 released, with p2sh,
bip39 and payment protocol support
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 04 Feb 2014 16:04:44 -0000
--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Feb 04, 2014 at 04:17:47PM +0100, Natanael wrote:
> Because it's trivial to create collisions! You can choose exactly what
> output you want. That's why XOR is a very bad digest scheme.
You're close, but not quite.
So, imagine you have a merkle tree, and you're trying to timestamp some
data at the bottom of the tree. Now you can successfully timestamp the
top digest in the Bitcoin blockchain right, and be sure that digest
existed before some time. But what about the digests at the bottom of
the tree? What can an attacker do exactly to make a fake timestamp if
the tree is using XOR rather than a proper hash function?
--=20
'peter'[:-1]@petertodd.org
000000000000000075829f6169c79d7d5aaa20bfa8da6e9edb2393c4f8662ba0
--BXVAT5kNtrzKuDFl
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQGrBAEBCACVBQJS8Q99XhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw
MDAwMDAwMDAwMDAwMDA3NTgyOWY2MTY5Yzc5ZDdkNWFhYTIwYmZhOGRhNmU5ZWRi
MjM5M2M0Zjg2NjJiYTAvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0
ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkft3SQf9Gd1WpzYVwjFAP/W846WvvsE2
U11R67s2oRjAQYwJ9pV8bsSsVmME0Ckg6GNSmlMjpPmTR3rynL+CBo0Ov0HRsuoY
UuqQsU82V0JrrLcSTckvd5pxA0RhAJa+cBkLMnGXwyWoJUX12IfSX/Wa/3sb1k1h
fo5SgQHv/Vf2ICRAaOMAgU8a84YVk/qnR3/OYM1Lh5PAdfVIjGL97g7g5h8wT+mp
dqMxVuDVuDiD53bTrqFHdZ6y+euorD/ojdOsmZQSypCWTjK8f9v/BH8IRDttOA7X
N8CweRJmDAmEkG2xv8KxW0UBzdCscWWaSdxFX4CX8hALq3bJgLqxixyeAwzLpg==
=uQBg
-----END PGP SIGNATURE-----
--BXVAT5kNtrzKuDFl--
|