SHA-1 and Git (was Re: [tahoe-dev] Tahoe-LAFS key management, part 2: Tahoe-LAFS is like encrypted git)
Jonathan Thornburg
jthorn at astro.indiana.edu
Tue Aug 25 11:32:39 EDT 2009
On Tue, 25 Aug 2009, Ben Laurie wrote:
> In order to roll out a new crypto algorithm, you have to roll out new
> software. So, why is anything needed for "pluggability" beyond versioning?
If active attackers are part of the threat model, then you need to
worry about version-rollback attacks for as long as in-the-field software
still groks the old (now-insecure) versions, so "versioning" is actually
more like "Byzantine versioning".
--
-- Jonathan Thornburg <jthorn at astro.indiana.edu>
Dept of Astronomy, Indiana University, Bloomington, Indiana, USA
"Washing one's hands of the conflict between the powerful and the
powerless means to side with the powerful, not to be neutral."
-- quote by Freire / poster by Oxfam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list