From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Sun, 7 Feb 2010 14:24:00 -0500 From: Nathaniel W Filardo To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Message-ID: <20100207192400.GN15480@gradx.cs.jhu.edu> References: <4B6DB95F.4090907@maht0x0r.net> <78b9710340a6345eac9f8690d306e1bb@brasstown.quanstro.net> <3dd5c634eddc6496085190a0e6de46a4@ladd.quanstro.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="w6U88vdWm8UqIXvc" Content-Disposition: inline In-Reply-To: <3dd5c634eddc6496085190a0e6de46a4@ladd.quanstro.net> User-Agent: Mutt/1.5.18 (2008-05-17) Subject: Re: [9fans] In case anyone worries about block hash collision in venti Topicbox-Message-UUID: cf785f5c-ead5-11e9-9d60-3106f5b1d025 --w6U88vdWm8UqIXvc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Feb 07, 2010 at 12:44:52PM -0500, erik quanstrom wrote: > 1. the sender can't control email headers. many > transfer agents add a random transfer-id which > would confound this attack. >=20 > 2. if the rcpt uses mbox format, the sender can't > control how your message is fit into venti blocks. > the sender would need to control the entire > mail box. Fine, so he sends the evil document as a MIME attachment and you decode it into its own file to see what it is, just as fossil takes its nightly snapshot and flings data off to venti. =20 > 3. http://en.wikipedia.org/wiki/SHA_hash_functions > says that there have been no SHA1 collisions found. Up until relatively recently, that would have been true for MD5 as well. --nwf; --w6U88vdWm8UqIXvc Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAktvE1AACgkQTeQabvr9Tc/PHQCdHAL/+us59x8lFo2IqnRXbLup zQgAniQhnfyslatRDPf75cWn9CJ9neTk =O9hA -----END PGP SIGNATURE----- --w6U88vdWm8UqIXvc--