[cap-talk] solve CSRF by making references unforgeable, not unshareable

David-Sarah Hopwood david.hopwood at industrial-designers.co.uk
Tue Mar 31 00:31:06 EDT 2009

Bill Frantz wrote:
> david.hopwood at industrial-designers.co.uk (David-Sarah Hopwood) on Thursday, March 26, 2009 wrote:
>> Encrypted capabilities work by being sparse (if they were only encrypted
>> but not sparse, then it would be possible to forge a random but valid
>> capability).
> If the representation of a capability includes a dense index to the
> referenced object, and a MAC for the index, then the server can use
> indexing rather than lookup to locate the object. (Lookup would probably
> use a data structure such as a hash table or RBtree.)

Yes. Note that:
 - this depends on the concatenated index and MAC being sparse;
 - the dense index leaks some information, that would not be leaked by
   representations that are indistinguishable from random;
 - lookup on random keys is unlikely to be significantly more expensive
   than indexing.

David-Sarah Hopwood ⚥

More information about the cap-talk mailing list