public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd.org>
To: Natanael <natanael.l@gmail.com>
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support
Date: Tue, 4 Feb 2014 11:04:14 -0500	[thread overview]
Message-ID: <20140204160414.GA23803@savin> (raw)
In-Reply-To: <CAAt2M1-LZ1APX9F93WE7Z877-WxqvJFbGaUmu5eriRGwvAOESw@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 747 bytes --]

On Tue, Feb 04, 2014 at 04:17:47PM +0100, Natanael wrote:
> Because it's trivial to create collisions! You can choose exactly what
> output you want. That's why XOR is a very bad digest scheme.

You're close, but not quite.

So, imagine you have a merkle tree, and you're trying to timestamp some
data at the bottom of the tree. Now you can successfully timestamp the
top digest in the Bitcoin blockchain right, and be sure that digest
existed before some time. But what about the digests at the bottom of
the tree? What can an attacker do exactly to make a fake timestamp if
the tree is using XOR rather than a proper hash function?

-- 
'peter'[:-1]@petertodd.org
000000000000000075829f6169c79d7d5aaa20bfa8da6e9edb2393c4f8662ba0

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 685 bytes --]

  reply	other threads:[~2014-02-04 16:04 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-02-04 12:01 [Bitcoin-development] bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Mike Hearn
2014-02-04 13:03 ` Peter Todd
2014-02-04 13:13   ` Mike Hearn
2014-02-04 13:17     ` Peter Todd
2014-02-04 14:43       ` Jeff Garzik
2014-02-04 14:46         ` Peter Todd
2014-02-04 15:17       ` Natanael
2014-02-04 16:04         ` Peter Todd [this message]
2014-02-05  7:57           ` Jeremy Spilman
2014-02-05 15:09           ` Brooks Boyd
2014-02-07  9:21   ` Peter Todd
2014-02-07 10:48     ` Mike Hearn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140204160414.GA23803@savin \
    --to=pete@petertodd.org \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=natanael.l@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox