Solve potential length extension attack by using SHA-3
This commit is contained in:
parent
913fe06d5c
commit
569046321b
SSH Key Fingerprint:
SHA256:BtnEgYTlHdOg1u+RmYcDE0mnfz1rhv5dSbQ2gyxW8B8
@ -1,5 +1,5 @@
|
||||
import math
|
||||
from hashlib import sha256
|
||||
from hashlib import sha3_256
|
||||
|
||||
SECURITY_PARAMETER = 256
|
||||
# Note that notably `MAXIMUM_HASH_DIFFICULTY` and `SPACE_TO_PROVE_IN_BITS` should be sent from the prover to the verifier before the second verifier initialization step. However to ease this prototype this communication isn't performed.
|
||||
@ -29,9 +29,8 @@ ENTRIES_NUMBER = math.ceil(SPACE_TO_PROVE_IN_BITS / NUMBER_OF_BITS_IN_AVERAGE_FO
|
||||
ENTRIES_NUMBER = 2 ** math.ceil(math.log2(ENTRIES_NUMBER))
|
||||
LEVELS = int(math.log2(ENTRIES_NUMBER)) + 1
|
||||
|
||||
# Do we have a problem due to length extension attacks? If so, could sha256 one more time as in Bitcoin.
|
||||
def hash(x):
|
||||
return sha256(x.encode('ascii')).hexdigest()
|
||||
return sha3_256(x.encode('ascii')).hexdigest()
|
||||
|
||||
# Storage could be done by using a separator but is it optimal? In fact how to do a separator optimally in binary? Could for instance encode on two bits, for normal bits the first one should be 0 otherwise if the first is 1 then whatever the second bit, it's a separator.
|
||||
# TODO: sure that this function is meaningly correct? cf below comment, should also consider the serialization of the actual array - should in a similar way verify `ENTRIES_NUMBER` computation
|
||||
|
||||
Loading…
Reference in New Issue
Block a user