Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <mark@coinqy.com>) id 1XSXwH-0007uR-W7
	for bitcoin-development@lists.sourceforge.net;
	Fri, 12 Sep 2014 20:59:30 +0000
Received: from prei.vps.van-cuijk.nl ([79.170.90.37])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.76) id 1XSXwG-0006rG-Io
	for bitcoin-development@lists.sourceforge.net;
	Fri, 12 Sep 2014 20:59:29 +0000
Received: from [192.168.1.9] (ip161-117-174-82.adsl2.static.versatel.nl
	[82.174.117.161]) (using TLSv1 with cipher AES128-SHA (128/128 bits))
	(No client certificate requested) (Authenticated sender: mo_mark)
	by prei.vps.van-cuijk.nl (Postfix) with ESMTPSA id B857441BBC
	for <bitcoin-development@lists.sourceforge.net>;
	Fri, 12 Sep 2014 22:59:21 +0200 (CEST)
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Mark van Cuijk <mark@coinqy.com>
In-Reply-To: <mailman.342174.1410547421.2163.bitcoin-development@lists.sourceforge.net>
Date: Fri, 12 Sep 2014 22:59:19 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <06D9FBBD-30DB-4591-A932-B5A19F1D6543@coinqy.com>
References: <mailman.342174.1410547421.2163.bitcoin-development@lists.sourceforge.net>
To: bitcoin-development@lists.sourceforge.net
X-Mailer: Apple Mail (2.1878.6)
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
X-Headers-End: 1XSXwG-0006rG-Io
Subject: Re: [Bitcoin-development] BIP72 amendment proposal
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 12 Sep 2014 20:59:30 -0000

On 12 Sep 2014, at 20:43 , =
bitcoin-development-request@lists.sourceforge.net wrote:

> Specifically relevant here:
> =
http://security.stackexchange.com/questions/34796/truncating-the-output-of=
-sha256-to-128-bits.
>=20
> If you're going to truncate though, why not just leave the amount of
> bits up the the person generating the QR code? The client simply takes
> the hash prefix (any length up to full 256-bits) and makes sure it's a
> strict prefix of the actual hash of the payment request.

If you do so, please make sure the length of the hash is included in the =
PaymentDetails/PaymentRequest. If someone parses the URI and doesn=92t =
have an authenticated way of knowing the expected length of the hash, a =
MITM attacker can just truncate the hash to lower security.

/Mark=