[cap-talk] use of hashcodes?
David Wagner
daw at cs.berkeley.edu
Tue Feb 23 11:33:17 PST 2010
Raoul Duke wrote:
>On Mon, Feb 22, 2010 at 9:49 PM, David Barbour <dmbarbour at gmail.com> wrote:
>i think this shows a little bit what is confusing me.
>
>to me, "secure" is more about people brute-forcing a hash collision,
>where as "robustness" is about look ma we use incr with big ints that
>never overflow cough cough and we never have to worry about a weird
>hard to reproduce bug that was caused by different request data
>hashing to the same thing.
>
>to me, the use of hashes to avoid collisions seems silly because you
>could just use incr (with a cache size that is smaller than big int
>and allow wrap on overflow) and not have to ever run the (however
>small but still real) risk of pointless trouble via collision.
However, David Barbour's counter-based proposal is not a serious proposal,
because its cache hit rate will likely be significantly worse than the
current Waterken scheme based upon SHA256-HMAC. I can't think of any way
to get similar performance benefits (good cache hit ratio, little state
on the server, good speed) and similar software engineering benefits,
without some kind of cryptography. So Waterken's scheme is not silly.
More information about the cap-talk
mailing list